Please forgive if this is the wrong place...

As a user of the excellent ssh and sshd I would like to see the next
version of openssh contain support for the SHA-2 hashes (SHA-256,
SHA-384, and SHA-512) as the SHA-1 hash is now known to be vulnerable to
a 2^69 and possibly a 2^63 key-space search. As of version 0.98 openssl
contained support for these hashes so it would be nice if openssh
followed suit.

I posted this request before on and was correctly told
that by default sshd regenerates the key every 60 mins. But consider a
server using SHA-1, and an attacker who wants the user/password, or a
file being transfered, and captures the cipher data. While they cannot
see your session in "real time" they still could capture the data and
key-search the SHA-1 hash, making it easier to break the key.

While I'm no crypto-expert, this does _NOT_ seem like a good thing(tm).
Are there any plans to implement these hashes into openssh?


openssh-unix-dev mailing list