f0dc3a553f
* Explicitly call out SSH algorithm_signer default Related: #11608 Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Use rsa-sha2-256 as the default SSH CA hash algo As mentioned in the OpenSSH 8.2 release notes, OpenSSH will no longer be accepting ssh-rsa signatures by default as these use the insecure SHA-1 algorithm. For roles in which an explicit signature type wasn't specified, we should change the default from SHA-1 to SHA-256 for security and compatibility with modern OpenSSH releases. See also: https://www.openssh.com/txt/release-8.2 Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Update docs mentioning new algorithm change Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Add changelog entry Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Fix missing parenthesis, clarify new default value * Add to side bar Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> |
||
|---|---|---|
| .. | ||
| aws | ||
| cassandra | ||
| consul | ||
| database | ||
| mongodb | ||
| mssql | ||
| mysql | ||
| nomad | ||
| pki | ||
| postgresql | ||
| rabbitmq | ||
| ssh | ||
| totp | ||
| transit | ||