Skip to content

Commit

Permalink
ssh: prefer sha256 based MAC algorithms
Browse files Browse the repository at this point in the history 
sha256 is more optimized than sha512 in Go and is secure enough
so prefer sha256 over sha512.

Fixes golang/go#61138

Change-Id: I7658808655367f1ab5f4ac8b52e6b20bd30ebf87
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/507555
Run-TryBot: Filippo Valsorda <[email protected]>
Reviewed-by: Filippo Valsorda <[email protected]>
Auto-Submit: Filippo Valsorda <[email protected]>
Reviewed-by: Joedian Reid <[email protected]>
TryBot-Result: Gopher Robot <[email protected]>
Reviewed-by: Dmitri Shuralyov <[email protected]>
  • Loading branch information
@drakkan @gopherbot
drakkan authored and gopherbot committed Jul 5, 2023
1 parent e984872 commit 23b1b90
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion ssh/common.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,7 @@ var supportedHostKeyAlgos = []string{
// This is based on RFC 4253, section 6.4, but with hmac-md5 variants removed
// because they have reached the end of their useful life.
var supportedMACs = []string{
"hmac-sha2-512[email protected]", "hmac-sha2-256[email protected]", "hmac-sha2-256", "hmac-sha2-512", "hmac-sha1", "hmac-sha1-96",
"hmac-sha2-256[email protected]", "hmac-sha2-512[email protected]", "hmac-sha2-256", "hmac-sha2-512", "hmac-sha1", "hmac-sha1-96",
}

var supportedCompressions = []string{compressionNone}
Expand Down

0 comments on commit 23b1b90

Please sign in to comment.