
OpenSSH to deprecate SHA-1 logins due to security risk - pedro84
https://www.zdnet.com/article/openssh-to-deprecate-sha-1-logins-due-to-security-risk/
======
pedro84
[http://www.openssh.com/txt/release-8.3](http://www.openssh.com/txt/release-8.3)

To check whether a server is using the weak ssh-rsa public key algorithm, for
host authentication, try to connect to it after removing the ssh-rsa algorithm
from ssh(1)'s allowed list:

ssh -oHostKeyAlgorithms=-ssh-rsa user@host

If the host key verification fails and no other supported host key types are
available, the server software on that host should be upgraded.

