Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Re: First version of curl to enable SHA256 for sftp
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Jeffrey Walton via curl-users <curl-users_at_lists.haxx.se>
Date: Thu, 1 Sep 2022 20:40:10 -0400
On Thu, Sep 1, 2022 at 6:53 PM Werner L. Stolz via curl-users
<curl-users_at_lists.haxx.se> wrote:
>
> We have an issue with being unable to negotiate encryption keys with one of our data partners.
>
> From the error message and my research, it looks like a problem between old, deprecated DSA encryption and SHA1 versus SHA256 for RSA,
> and the only solution is to upgrade to a newer version of curl.
>
> The problem is that we run on AIX, so we cannot simply pull an RPM for a Linux distro. I tried to investigate the curl releases documentation,
> but I cannot tell when SHA256 support was added.
>
> Could someone with more knowledge please let me know when SHA256 support was added?
Hi Werner,
Another thought is, build an updated OpenSSH. You will get updated ssh
and scp clients and servers for the AIX box.
cURL is non-trivial to build because it has so many dependencies.[1]
OpenSSH is relatively easy to build because it has two dependencies -
zLib and OpenSSL.[2] Or three if you want LDNS.[2] So OpenSSH is
usually an easier problem.
[1] https://github.com/noloader/Build-Scripts/blob/master/build-curl.sh
[2] https://github.com/noloader/Build-Scripts/blob/master/build-openssh.sh
Jeff
Date: Thu, 1 Sep 2022 20:40:10 -0400
On Thu, Sep 1, 2022 at 6:53 PM Werner L. Stolz via curl-users
<curl-users_at_lists.haxx.se> wrote:
>
> We have an issue with being unable to negotiate encryption keys with one of our data partners.
>
> From the error message and my research, it looks like a problem between old, deprecated DSA encryption and SHA1 versus SHA256 for RSA,
> and the only solution is to upgrade to a newer version of curl.
>
> The problem is that we run on AIX, so we cannot simply pull an RPM for a Linux distro. I tried to investigate the curl releases documentation,
> but I cannot tell when SHA256 support was added.
>
> Could someone with more knowledge please let me know when SHA256 support was added?
Hi Werner,
Another thought is, build an updated OpenSSH. You will get updated ssh
and scp clients and servers for the AIX box.
cURL is non-trivial to build because it has so many dependencies.[1]
OpenSSH is relatively easy to build because it has two dependencies -
zLib and OpenSSL.[2] Or three if you want LDNS.[2] So OpenSSH is
usually an easier problem.
[1] https://github.com/noloader/Build-Scripts/blob/master/build-curl.sh
[2] https://github.com/noloader/Build-Scripts/blob/master/build-openssh.sh
Jeff
-- Unsubscribe: https://lists.haxx.se/listinfo/curl-users Etiquette: https://curl.se/mail/etiquette.htmlReceived on 2022-09-02