On Mon, 8 Sept 2025 at 10:24, Dimitri John Ledkov
<dimitri.ledkov@surgut.co.uk> wrote:
>
> Upgrade ssh_connection_hash from SHA1 to SHA256. Due to increased
> length, instead of using hex encoding, use base64url encoding, which
> for SHA256 is only slightly longer than hex SHA1. Rename related
> variables for clarity.
>
> This change enables building and using ssh completely without SHA1.
> ---
>  regress/usr.bin/ssh/percent.sh |  3 ++-
>  usr.bin/ssh/readconf.c         | 23 ++++++++++++++++-------
>  usr.bin/ssh/ssh.c              |  4 ++--
>  usr.bin/ssh/sshconnect.h       |  4 ++--
>  4 files changed, 22 insertions(+), 12 deletions(-)
>

Are there any other questions, reviews or concerns to land this change?

This change passed all Github based CI at
https://github.com/openssh/openssh-portable/pull/595 but can
rebase/rerun again.

Separately, should I provide another alternative implementation that
keeps using HEX encoding but with a truncated SHA-256/160? This way
the appearance of the session will retain the same character set and
length as today, but without using SHA-1. This would be similar to
what is being used for TLS certificates public key info hash
identifier, for which it was also determined that SHA256 output is too
long.

-- 
Regards,

Dimitri.