diff options
| author | Nicola Murino <nicola.murino@gmail.com> | 2023-07-01 20:00:24 +0200 |
|---|---|---|
| committer | Gopher Robot <gobot@golang.org> | 2023-07-14 16:27:34 +0000 |
| commit | 3f8f0645c28700f4cb71c4f2e5678a0bb995a16d (patch) | |
| tree | 2aac120dcdf79c4fe02d9ebe5501ff2fb1b72779 /ssh | |
| parent | 5df3b5994134fe208c569a96dde7fc5f4d367ff6 (diff) | |
| download | go-x-crypto-3f8f0645c28700f4cb71c4f2e5678a0bb995a16d.tar.xz | |
ssh: prefer sha256 based RSA key algorithms
sha256 is more optimized than sha512 in Go and is secure enough
so prefer sha256 over sha512.
Change-Id: I3fcf7457791e3ef4539e97049aa905dcd293499d
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/507556
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Diffstat (limited to 'ssh')
| -rw-r--r-- | ssh/common.go | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ssh/common.go b/ssh/common.go index 5ce452b..44f71de 100644 --- a/ssh/common.go +++ b/ssh/common.go @@ -70,12 +70,12 @@ var preferredKexAlgos = []string{ // supportedHostKeyAlgos specifies the supported host-key algorithms (i.e. methods // of authenticating servers) in preference order. var supportedHostKeyAlgos = []string{ - CertAlgoRSASHA512v01, CertAlgoRSASHA256v01, + CertAlgoRSASHA256v01, CertAlgoRSASHA512v01, CertAlgoRSAv01, CertAlgoDSAv01, CertAlgoECDSA256v01, CertAlgoECDSA384v01, CertAlgoECDSA521v01, CertAlgoED25519v01, KeyAlgoECDSA256, KeyAlgoECDSA384, KeyAlgoECDSA521, - KeyAlgoRSASHA512, KeyAlgoRSASHA256, + KeyAlgoRSASHA256, KeyAlgoRSASHA512, KeyAlgoRSA, KeyAlgoDSA, KeyAlgoED25519, |