OpenSSH 8.8 release with rsa-sha digital signature support disabled
The release of OpenSSH 8.8 has been published, an open implementation of a client and server for working using the SSH 2.0 and SFTP protocols. The release is notable for disabling by default the ability to use digital signatures based on RSA keys with a SHA-1 hash (“ssh-rsa”). The cessation of support for “ssh-rsa” signatures is due to the increased efficiency of collision attacks with a given prefix (the cost of selecting a collision is estimated at approximately $50 thousand). For […]