Patrick Monnerat patrick at
Fri Mar 31 12:13:42 CEST 2023

On 3/31/23 04:30, Peter Stuge via libssh2-devel wrote:
> Patrick Monnerat via libssh2-devel wrote:
>> I noticed two things about field hash_len of structure
>> 1) It seems unused in the current code base,
> That seems right.
>> 2) If its goal is to describe the signing/verification algorithm, it is
>> wrongly set to MD5 in hostkey.c for hostkey_method_ssh_rsa,
>> hostkey_method_ssh_rsa_cert and hostkey_method_ssh_dss.
> Also seems right.

Hi Peter,

Thanks for confirmation.

> ssh_rsa and ssh_dss should be SHA1, what about ssh-rsa-cert-v01?

According to what is effectively done by the signing method, this should 
be SHA1 too.

Another wrong value is for ssh-ed25519: this should be SHA512 instead of 

> Let's just correct them. :)



More information about the libssh2-devel mailing list