Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-62311

Add support for rsa-sha2-256 and rsa-sha2-512 key algorithms

    XMLWordPrintable

Details

    Description

      As announced in OpenSSH 8.2, the ssh-rsa key algorithm is being deprecated due to weaknesses in SHA-1. To continue supporting RSA keys, use of rsa-sha2-256 or rsa-sha2-512 key algorithms as specified in RFC 8332 needs to be added to Trilead.

      Alternatively, SSH Build Agents should migrate to using Apache SSH which is actively maintained, supports these key algorithms, and is overall more modern.

      Attachments

        Issue Links

          Activity

            jvz Matt Sicker created issue -
            jvz Matt Sicker made changes -
            Field Original Value New Value
            Description As announced in [OpenSSH 8.2|https://www.openssh.com/txt/release-8.2], the {{ssh-rsa}} key algorithm is being deprecated due to weaknesses in SHA-1. To continue supporting RSA keys, use of {{rsa-sha2-256}} or {{rsa-sha2-512}} key algorithms as specified in [RFC 8332|https://tools.ietf.org/html/rfc8332] needs to be added to Trilead. As announced in [OpenSSH 8.2|https://www.openssh.com/txt/release-8.2], the {{ssh-rsa}} key algorithm is being deprecated due to weaknesses in SHA-1. To continue supporting RSA keys, use of {{rsa-sha2-256}} or {{rsa-sha2-512}} key algorithms as specified in [RFC 8332|https://tools.ietf.org/html/rfc8332] needs to be added to Trilead.

            Alternatively, SSH Build Agents should migrate to using [Apache SSH|https://github.com/apache/mina-sshd] which is actively maintained, supports these key algorithms, and is overall more modern.
            jvz Matt Sicker made changes -
            Component/s trilead-api-plugin [ 22324 ]
            jvz Matt Sicker made changes -
            Status Open [ 1 ] In Progress [ 3 ]
            jvz Matt Sicker made changes -
            Remote Link This issue links to "Trilead PR (Web Link)" [ 24924 ]
            jvz Matt Sicker made changes -
            Remote Link This issue links to "Pull Request Try #2 (Web Link)" [ 24957 ]
            jvz Matt Sicker made changes -
            Status In Progress [ 3 ] In Review [ 10005 ]
            jvz Matt Sicker made changes -
            Resolution Fixed [ 1 ]
            Status In Review [ 10005 ] Resolved [ 5 ]
            jvz Matt Sicker made changes -
            Status Resolved [ 5 ] Closed [ 6 ]
            ifernandezcalvo Ivan Fernandez Calvo made changes -
            Resolution Fixed [ 1 ]
            Status Closed [ 6 ] Reopened [ 4 ]
            jvz Matt Sicker made changes -
            Status Reopened [ 4 ] In Progress [ 3 ]
            jvz Matt Sicker made changes -
            Status In Progress [ 3 ] In Review [ 10005 ]
            ifernandezcalvo Ivan Fernandez Calvo made changes -
            Resolution Fixed [ 1 ]
            Status In Review [ 10005 ] Fixed but Unreleased [ 10203 ]
            ifernandezcalvo Ivan Fernandez Calvo made changes -
            Status Fixed but Unreleased [ 10203 ] Resolved [ 5 ]

            People

              jvz Matt Sicker
              jvz Matt Sicker
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: