Bug 1816226
Summary: | Weak GSSAPI key exchange methods enabled by default [openssh] | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Linux 8 | Reporter: | Jakub Jelen <jjelen> | |
Component: | openssh | Assignee: | Jakub Jelen <jjelen> | |
Status: | CLOSED ERRATA | QA Contact: | Ondrej Moriš <omoris> | |
Severity: | unspecified | Docs Contact: | ||
Priority: | medium | |||
Version: | 8.4 | CC: | cwarfiel, dwalsh, jjelen, omoris, plautrba, tmraz | |
Target Milestone: | rc | Keywords: | Triaged | |
Target Release: | 8.0 | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | openssh-8.0p1-5.el8 | Doc Type: | Enhancement | |
Doc Text: |
Feature: New GSSAPI key exchange methods using SHA2 from RFC 8732 are enabled by default.
Reason: RHEL 8 contains implementation of the new GSSAPI key exchange methods since 8.0, but only the SHA1 were enabled by default because the specification was not finalized. Now, the specification is published so the new methods are enabled by default (which also depends on a change in crypto policies).
Result: The new SHA2-based GSSAPI key exchange methods are available and usable by default.
|
Story Points: | --- | |
Clone Of: | 1666781 | |||
: | 1816253 (view as bug list) | Environment: | ||
Last Closed: | 2020-11-04 01:32:00 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | 1666781 | |||
Bug Blocks: | 1816253 |
Description
Jakub Jelen
2020-03-23 15:29:52 UTC
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (openssh bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:4439 |