httpsig icon indicating copy to clipboard operation
httpsig copied to clipboard
verified publisher icon go-fed

Use SHA256 for SSH signing

Open 42wim opened this issue 4 years ago • 4 comments

When using the SSH Agent signers we need to use a wrapper to actually allow signing with SHA256.

42wim avatar Dec 25 '21 23:12 42wim

Hi, very sorry for the delay. I see the referenced issue: https://github.com/golang/go/issues/37278

Is marked closed. Is this change still needed? I have no problem with a wrapper for SSH Agent signers. I am just not entirely a big fan of enabling MD4/MD5.

cjslep avatar Jan 19 '22 07:01 cjslep

I'm not doing anything with md4/md5, this PR enables SHA256 for ssh signing instead of SHA1. If you look at the diff I just remove a comment, I'm not changing anything wrt md4/md5

42wim avatar Jan 19 '22 08:01 42wim

@cjslep please let me know if there's anything not clear

42wim avatar Feb 12 '22 21:02 42wim

ping

42wim avatar May 29 '22 18:05 42wim