Questions tagged [sha1]
The sha1 tag has no usage guidance.
29
questions
2
votes
1
answer
1k
views
Allocate PCR banks for TPM in Linux
I want to have all PCRs (0-23) in sha1 and sha256 banks, but now I only have sha256 set and sha1 is empty but exists, tpm2_pcrread outputs:
sha1:
sha256:
0 : ...
0
votes
1
answer
5k
views
Putty on client - error couldn't agree a key exchange algorithm
My issue is that I have a putty client on a windows machine, trying to ssh to a Linux server (CentOS). The putty version is very old and it is NOT possible to take a newer version.
I would like to ...
0
votes
1
answer
644
views
How do I get HMAC SHA1 hash and Base64 encoding in AppScript?
I currently have a small piece of code to get an authorization string in R Studio. I am trying to replicate the same function in App Script, but I have not been able to get the same result.
The code ...
4
votes
3
answers
3k
views
Why Outlook client's S/MIME settings use SHA1 as the default Hash Algorithm for digital signing a message?
can someone tell why Outlook client S/MIME settings use SHA1 as the default Hash Algorithm?
Doesn't that put the certificate private key to a risk when weak algorithm is used? Or am I ...
18
votes
1
answer
23k
views
How to check if your ssh keys are in the ssh-rsa2 format?
So recently there were news of OpenSSH dropping support for SHA-1 logins and I am trying to understand which format they are referring to. Since years i've been generating keys via ssh-keygen -t rsa -...
0
votes
1
answer
103
views
SSH-256/512 RSA taking "long" to login
Up to now, I have been using putty + pageant 0.66 to ssh from my Win 10 client to a couple of Linux servers, as in
Comp A Comp B Comp C
Win 10, Msys2 --...
32
votes
1
answer
63k
views
How to check SSH key version locally
In general i'm searching for a method to show information about a private or public SSH key without contacting a server, like keylength, algorithm, ssh version and so on. Especially I like to know if ...
0
votes
1
answer
890
views
How can I compare a full directory's checksum between platforms?
I have a directory full of files and subdirectories on a Win7 machine. I want to archive them, so I compress and move them to archival storage. Before compression, I use the CRC context menu to ...
0
votes
0
answers
1k
views
This digital signature is invalid and cannot be trusted. The macros will be disabled
I am using MS Excel containing macro at customer place for some automation in excel. When the customer opens excel containing macro with the valid EV digital signature (Also tried with previously ...
1
vote
1
answer
3k
views
Derive sha1 hash from openssl binary base64 value
Digital Cinema Packages contain checksums in the following format as described here:
$ openssl sha1 -binary 'dcpfile.xml' |openssl base64
IxcfhXNHlw+1bbDFu0kp8KRylpU=
How can I take a value such as ...
1
vote
1
answer
213
views
sha1sum from commandline different from other sources
I have sha1sum installed on an Ubuntu 16.04 system and used it like this to compute an sha1 sum:
root@computer:# echo 1234 | sha1sum
1be168ff837f043bde17c0314341c84271047b31 -
also I computed the ...
0
votes
1
answer
442
views
Windows 7 PCI Compliance Regarding SSL, SHA-1, TLS-1 Vulnerabilities
How do I turn off SSL, TLS-1 support in Windows 7 to be in compliance with PCI standards? Also, I need to remove an SHA-1 certificate. I did some searching and found I can run the "MMC" tool, then add ...
2
votes
1
answer
5k
views
How reliable are SHA1 sum and MD5 sums on very large files?
I constantly transfer disk images and virtual machine images (usually 800GB to nearly 1 TB per file) to a cloud server via rclone using SSH, and I wonder how reliable are sha1sum and md5sum when it ...
1
vote
0
answers
413
views
Get SHA1 Checksum from GPG key?
I'm doing a encryption experience but need some help. I found a Private GPG Key while decrypting an image. Now, what can I do with this key?
The answer I need to find are the first 5 characters of a ...
13
votes
2
answers
15k
views
Why are Root CAs with SHA1 signatures not a risk
Take Verisign's website, for example, which has a root CA with a sha1 hash signature. Am I mistaken with understanding that were one to find a collision, they could impersonate the Verisign root CA, ...