• djm@openbsd.org's avatar
    upstream: Improve strictness and control over RSA-SHA2 signature · 4ba0d547
    djm@openbsd.org authored
    In ssh, when an agent fails to return a RSA-SHA2 signature when
    requested and falls back to RSA-SHA1 instead, retry the signature to
    ensure that the public key algorithm sent in the SSH_MSG_USERAUTH
    matches the one in the signature itself.
    
    In sshd, strictly enforce that the public key algorithm sent in the
    SSH_MSG_USERAUTH message matches what appears in the signature.
    
    Make the sshd_config PubkeyAcceptedKeyTypes and
    HostbasedAcceptedKeyTypes options control accepted signature algorithms
    (previously they selected supported key types). This allows these
    options to ban RSA-SHA1 in favour of RSA-SHA2.
    
    Add new signature algorithms "rsa-sha2-256-cert-v01@openssh.com" and
    "rsa-sha2-512-cert-v01@openssh.com" to force use of RSA-SHA2 signatures
    with certificate keys.
    
    feedback and ok markus@
    
    OpenBSD-Commit-ID: c6e9f6d45eed8962ad502d315d7eaef32c419dde
    4ba0d547