Bug 3494 - ssh-keygen -r cannot disable SHA-1 digest
Summary: ssh-keygen -r cannot disable SHA-1 digest
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh-keygen (show other bugs)
Version: 9.1p1
Hardware: Other Linux
: P5 enhancement
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks: V_9_3
  Show dependency treegraph
 
Reported: 2022-10-31 22:32 AEDT by Petr Menšík
Modified: 2023-03-17 13:42 AEDT (History)
2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Petr Menšík 2022-10-31 22:32:39 AEDT 
I would like to have a simple way to omit SHA1 digest from DNS SSHFP records. But I don't want to use SHA1 digest anymore or propagate them to secure DNS zones. Is there way to skip their printing?

If not, could such support be added?
Comment 1 HLFH 2022-12-09 01:53:49 AEDT 
Yes, it would be great to skip their printing.
Comment 2 Damien Miller 2023-03-08 10:33:41 AEDT 
Fixed in commit d651f5c9fe37 and will be in OpenSSH 9.3
Comment 3 Damien Miller 2023-03-17 13:42:28 AEDT 
OpenSSH 9.3 has been released. Close resolved bugs