From: Damien Miller <djm@mindrot.org>
Subject: Re: [PATCH] Upgrade ssh_connection_hash from SHA1 to SHA256
To: kc-openbsd@chadwicks.me.uk
Cc: tech@openbsd.org
Date: Tue, 2 Sep 2025 19:00:42 +1000

On Tue, 2 Sep 2025, kc-openbsd@chadwicks.me.uk wrote:

> 2 Sept 2025 00:51:51 Damien Miller <djm@mindrot.org>:
> 
> > IMO, at 64 characters, a hex-encoded SHA256 hash is too long for this.
> > It should be truncated and/or a modified b64 encoding used.
>
> Perhaps it doesn't matter but wouldn't b64 lengthen or weaken the hash
> bits? CMAC would be shorter?

Using base64 doesn't weaken the hash, it's just an encoding.

There's not much of a reason for this to be a cryptographic hash to
begin with; very few people run ssh multiplexing in situations where
the connection parameters are adversarial and available for collision.

-d
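
An added example, not part of the message above and not code from the OpenSSH patch: it compares the token length of a SHA-256 digest under hex, a modified base64 encoding, and truncation, and shows that both encodings decode back to the same digest bytes. Assumptions: the connection fields and their plain concatenation, the sample host names, and reading "modified b64" as the URL-safe alphabet without padding.

```python
import base64
import hashlib

# Constructed sample connection parameters (not taken from the thread).
SAMPLE = ("client.example", "server.example", "22", "alice")

def connection_digest(local_host, remote_host, port, user):
    """SHA-256 over the concatenated parameters (assumed input layout)."""
    h = hashlib.sha256()
    for field in (local_host, remote_host, port, user):
        h.update(field.encode("utf-8"))
    return h.digest()

def encode_hex(digest):
    return digest.hex()

def encode_b64_modified(digest):
    """URL-safe base64 without '=' padding (assumed meaning of 'modified')."""
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")

def decode_b64_modified(token):
    """Restore the padding that was stripped, then decode."""
    pad = "=" * (-len(token) % 4)
    return base64.urlsafe_b64decode(token + pad)

def truncated_token(digest, nbytes):
    """Keep the first nbytes of the digest; only nbytes*8 hash bits remain."""
    return encode_b64_modified(digest[:nbytes])

def summary():
    """Return (label, token length in characters, digest bits kept)."""
    d = connection_digest(*SAMPLE)
    return [
        ("hex, full", len(encode_hex(d)), 256),
        ("b64, full", len(encode_b64_modified(d)), 256),
        ("b64, 128-bit", len(truncated_token(d, 16)), 128),
        ("b64, 96-bit", len(truncated_token(d, 12)), 96),
    ]

if __name__ == "__main__":
    for label, length, bits in summary():
        print(f"{label:14s} {length:3d} chars  {bits:3d} digest bits")
```

The encoding only changes how the same bytes are written; the number of hash bits changes only in the truncated rows.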