You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We should add support for RFC8308 extension negotation, and primarily, the server-sig-algs extension.
Currently, we always try to authenticate RSA keys first with ssh-rsa (SHA-1) because otherwise certain servers are prone to misbehaving - see #1283 and related discussions. With the server-sig-algs extension implemented, we can know upfront which algorithms the server will accept and we can e.g. save a signature round-trip in the case that the server will not accept ssh-rsa.
We should add support for RFC8308 extension negotation, and primarily, the
server-sig-algs
extension.Currently, we always try to authenticate RSA keys first with
ssh-rsa
(SHA-1) because otherwise certain servers are prone to misbehaving - see #1283 and related discussions. With theserver-sig-algs
extension implemented, we can know upfront which algorithms the server will accept and we can e.g. save a signature round-trip in the case that the server will not acceptssh-rsa
.There may be some more extensions worth supporting in https://github.com/openssh/openssh-portable/blob/master/PROTOCOL
The text was updated successfully, but these errors were encountered: