upstream: When signing certificates with an RSA key, default to
using the rsa-sha2-512 signature algorithm. Certificates signed by RSA keys will therefore be incompatible with OpenSSH < 7.2 unless the default is overridden. Document the ability of the ssh-keygen -t flag to override the signature algorithm when signing certificates, and the new default. ok deraadt@ OpenBSD-Commit-ID: 400c9c15013978204c2cb80f294b03ae4cfc8b95
This commit is contained in:
djm@openbsd.org
Damien Miller
parent
606077ee1e
commit
476e3551b2
13
ssh-keygen.1
13
ssh-keygen.1
|
|
@ -1,4 +1,4 @@
|
|||
.\" $OpenBSD: ssh-keygen.1,v 1.158 2019/04/19 05:47:44 dtucker Exp $
|
||||
.\" $OpenBSD: ssh-keygen.1,v 1.159 2019/05/20 00:20:35 djm Exp $
|
||||
.\"
|
||||
.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
|
|
@ -35,7 +35,7 @@
|
|||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.Dd $Mdocdate: April 19 2019 $
|
||||
.Dd $Mdocdate: May 20 2019 $
|
||||
.Dt SSH-KEYGEN 1
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
|
@ -577,6 +577,15 @@ The possible values are
|
|||
.Dq ed25519 ,
|
||||
or
|
||||
.Dq rsa .
|
||||
.Pp
|
||||
This flag may also be used to specify the desired signature type when
|
||||
signing certificates using a RSA CA key.
|
||||
The available RSA signature variants are
|
||||
.Dq ssh-rsa
|
||||
(SHA1 signatures, not recommended),
|
||||
.Dq rsa-sha2-256
|
||||
.Dq rsa-sha2-512
|
||||
(the default).
|
||||
.It Fl U
|
||||
When used in combination with
|
||||
.Fl s ,
|
||||
|
|
|
|||
9
sshkey.c
9
sshkey.c
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: sshkey.c,v 1.74 2019/05/03 03:25:18 dtucker Exp $ */
|
||||
/* $OpenBSD: sshkey.c,v 1.75 2019/05/20 00:20:35 djm Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
|
||||
* Copyright (c) 2008 Alexander von Gernler. All rights reserved.
|
||||
|
|
@ -2528,6 +2528,13 @@ sshkey_certify_custom(struct sshkey *k, struct sshkey *ca, const char *alg,
|
|||
strcmp(alg, k->cert->signature_type) != 0)
|
||||
return SSH_ERR_INVALID_ARGUMENT;
|
||||
|
||||
/*
|
||||
* If no signing algorithm or signature_type was specified and we're
|
||||
* using a RSA key, then default to a good signature algorithm.
|
||||
*/
|
||||
if (alg == NULL && ca->type == KEY_RSA)
|
||||
alg = "rsa-sha2-512";
|
||||
|
||||
if ((ret = sshkey_to_blob(ca, &ca_blob, &ca_len)) != 0)
|
||||
return SSH_ERR_KEY_CERT_INVALID_SIGN_KEY;
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue