open-vault/website/data
Alexander Scheel f0dc3a553f
Switch to secure signing algorithm for SSH secrets engine (#14006)
* Explicitly call out SSH algorithm_signer default

Related: #11608

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Use rsa-sha2-256 as the default SSH CA hash algo

As mentioned in the OpenSSH 8.2 release notes, OpenSSH will no longer be
accepting ssh-rsa signatures by default as these use the insecure SHA-1
algorithm.

For roles in which an explicit signature type wasn't specified, we
should change the default from SHA-1 to SHA-256 for security and
compatibility with modern OpenSSH releases.

See also: https://www.openssh.com/txt/release-8.2

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update docs mentioning new algorithm change

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog entry

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Fix missing parenthesis, clarify new default value

* Add to side bar

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-02-18 10:44:01 -05:00
..
alert-banner.js chore: Disable alert banner (#13458) 2021-12-16 13:10:59 -05:00
api-docs-nav-data.json Add sys/version-history endpoint and associated command (#13766) 2022-02-14 15:26:57 -05:00
docs-nav-data.json Switch to secure signing algorithm for SSH secrets engine (#14006) 2022-02-18 10:44:01 -05:00
intro-nav-data.json feat(website): migrates nav data format and updates docs pages (#11242) 2021-04-06 13:49:04 -04:00
metadata.js
version.js Updating website for 1.9.3 (#13808) 2022-01-27 13:56:27 -05:00