[PATCH] Upgrade ssh_connection_hash from SHA1 to SHA256
I don't mind switching the algorithm, but the whole purpose of the
connection hash in this context is to provide an identifier that takes
in the unique descriptors of the connection that is short enough to
avoid exceeding the relatively-modest sockaddr_un path limit.
IMO, at 64 characters, a hex-encoded SHA256 hash is too long for this.
It should be truncated and/or a modified b64 encoding used. Modified
because base64 usually uses /, which isn't acceptable for something
intended as a filesystem path (+ isn't great either).
On Mon, 1 Sep 2025, Dimitri John Ledkov wrote:
> Upgrade ssh_connection_hash from SHA1 to SHA256, if length of this
> value is considered an ABI, can also keep tohex length as before to
> thus effectively use SHA256/160.
>
> This change enables building and using ssh completely without SHA1.
> ---
> regress/usr.bin/ssh/percent.sh | 2 +-
> usr.bin/ssh/readconf.c | 4 ++--
> 2 files changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/regress/usr.bin/ssh/percent.sh b/regress/usr.bin/ssh/percent.sh
> index 7ce9e8a1dc3..4e58b3fc145 100644
> --- a/regress/usr.bin/ssh/percent.sh
> +++ b/regress/usr.bin/ssh/percent.sh
> @@ -107,7 +107,7 @@ for i in matchexec localcommand remotecommand controlpath identityagent \
> # Matches implementation in readconf.c:ssh_connection_hash()
> if [ ! -z "${OPENSSL_BIN}" ]; then
> HASH=`printf "${HOSTNAME}127.0.0.1${PORT}${REMUSER}" |
> - $OPENSSL_BIN sha1 | cut -f2 -d' '`
> + $OPENSSL_BIN sha256 | cut -f2 -d' '`
> trial $i '%C' $HASH
> fi
> trial $i '%%' '%'
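Review bot: The expected `%C` value computed on the `+` line is the full 64-character SHA256 hex string, so this test only passes if readconf.c emits the untruncated digest. If the C side keeps the previous output length (the SHA256/160 option in the commit message) or changes encoding, this pipeline needs the same transformation, for example an extra `cut -c1-40` for a 40-character hex prefix, so that the "Matches implementation" comment stays true.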
> diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c
> index 4e94f1e0bc1..4e413a86b57 100644
> --- a/usr.bin/ssh/readconf.c
> +++ b/usr.bin/ssh/readconf.c
> @@ -346,7 +346,7 @@ ssh_connection_hash(const char *thishost, const char *host, const char *portstr,
> struct ssh_digest_ctx *md;
> u_char conn_hash[SSH_DIGEST_MAX_LENGTH];
>
> - if ((md = ssh_digest_start(SSH_DIGEST_SHA1)) == NULL ||
> + if ((md = ssh_digest_start(SSH_DIGEST_SHA256)) == NULL ||
> ssh_digest_update(md, thishost, strlen(thishost)) < 0 ||
> ssh_digest_update(md, host, strlen(host)) < 0 ||
> ssh_digest_update(md, portstr, strlen(portstr)) < 0 ||
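Review bot: The `ssh_digest_update()` chain under the changed line feeds thishost, host and portstr back to back with no delimiter or length prefix, so different tuples can produce the same input bytes and therefore the same `%C`; the regress script concatenates its fields the same way. Since this change alters every `%C` value anyway, consider adding a separator between fields in the same commit, with percent.sh updated to match.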
> @@ -355,7 +355,7 @@ ssh_connection_hash(const char *thishost, const char *host, const char *portstr,
> ssh_digest_final(md, conn_hash, sizeof(conn_hash)) < 0)
> fatal_f("mux digest failed");
> ssh_digest_free(md);
> - return tohex(conn_hash, ssh_digest_bytes(SSH_DIGEST_SHA1));
> + return tohex(conn_hash, ssh_digest_bytes(SSH_DIGEST_SHA256));
> }
>
> /*
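Review bot: The length passed to `tohex()` on the `+` line grows from 20 to 32 bytes, so `%C` expands to 64 hex characters instead of 40 and every path that embeds it becomes 24 characters longer against the fixed sockaddr_un path limit. Passing the previous 20-byte length here keeps the output size unchanged while still removing SHA1, which is the SHA256/160 variant the commit message already offers; the truncation should then be stated in the function comment and mirrored in percent.sh.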
> --
> 2.48.1
>
>
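The length trade-off discussed in the reply at the top of this message, as an added example (not code from OpenSSH or from either participant): it encodes a digest prefix with the RFC 4648 URL-safe base64 alphabet and checks whether a socket path built from it fits in `sun_path`. The names `digest_b64url` and `fits_sun_path`, the digest bytes and the path prefix are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/un.h>

/* RFC 4648 "base64url" alphabet: '-' and '_' replace '+' and '/',
 * so every output character is safe in a path component. */
static const char B64URL[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";

/* Hypothetical helper: encode the first n digest bytes, unpadded.
 * Returns the encoded length, or 0 if out cannot hold it plus NUL. */
size_t digest_b64url(const unsigned char *d, size_t n, char *out,
    size_t outlen)
{
	size_t i, o = 0;
	unsigned int acc = 0, bits = 0;

	if (outlen < (n * 8 + 5) / 6 + 1)
		return 0;
	for (i = 0; i < n; i++) {
		acc = (acc << 8) | d[i];
		for (bits += 8; bits >= 6; bits -= 6)
			out[o++] = B64URL[(acc >> (bits - 6)) & 0x3f];
	}
	if (bits > 0)	/* 2 or 4 bits left over: left-align them */
		out[o++] = B64URL[(acc << (6 - bits)) & 0x3f];
	out[o] = '\0';
	return o;
}

/* Hypothetical helper: does prefix + identifier + NUL fit in sun_path? */
int fits_sun_path(const char *prefix, size_t idlen)
{
	return strlen(prefix) + idlen + 1 <=
	    sizeof(((struct sockaddr_un *)0)->sun_path);
}

int main(void)
{
	unsigned char digest[32];	/* constructed stand-in for a digest */
	const char *prefix = "/home/user/.ssh/cm-";	/* constructed */
	char id[64];
	size_t i, n;
	for (i = 0; i < sizeof(digest); i++)
		digest[i] = (unsigned char)(i * 7 + 3);
	n = digest_b64url(digest, 20, id, sizeof(id));
	printf("hex of 32 bytes: 64 chars, fits=%d\n", fits_sun_path(prefix, 64));
	printf("b64url of 20 bytes: %zu chars (%s), fits=%d\n", n, id,
	    fits_sun_path(prefix, n));
	return 0;
}
```

A 20-byte prefix comes out at 27 characters in this encoding, against 40 in hex and 64 for the full SHA256 digest in hex.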