SHA-1 deprecation in Red Hat Enterprise Linux 9

The SHA-1 message digest has been deprecated in RHEL 9. The digest produced by SHA-1 is not considered secure because of many documented successful attacks based on finding hash collisions. The RHEL core crypto components no longer create signatures using SHA-1 by default. Applications in RHEL 9 have been updated to avoid using SHA-1 in security-relevant use cases.

The use of SHA-1 is restricted in the DEFAULT crypto policy. Except for HMAC, SHA-1 is no longer allowed in TLS, DTLS, SSH, IKEv2, DNSSEC and Kerberos protocols.

If your scenario requires the use of SHA-1 for verifying existing or third-party cryptographic signatures, you can enable it by entering the following command:

# update-crypto-policies --set DEFAULT:SHA1

Alternatively, you can switch the system-wide crypto policies to the LEGACY policy. The product documentation provides more information about the system-wide cryptographic policies shipped with Red Hat Enterprise Linux 9.
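Before loosening the policy with the SHA1 subpolicy or LEGACY, it helps to know which existing certificates are actually SHA-1 signed, so that the exception can be scoped and eventually retired. The following added example is not Red Hat's code and is not part of this article; it is a standard-library-only Python audit that reads the signatureAlgorithm OID from a DER or PEM X.509 certificate and flags the SHA-1 signature OIDs defined in RFC 3279 and RFC 5280. The sample certificate it checks is a constructed skeleton (a bare serial number, no key, a zeroed signature) built inline so the script runs offline; the OIDs themselves are the real registered values.

```python
"""Audit X.509 certificates for SHA-1 signature algorithms (stdlib only)."""
import base64
import re

# Registered OIDs whose presence in Certificate.signatureAlgorithm means the
# certificate was signed with SHA-1 (RFC 3279 / RFC 5480 names).
SHA1_SIGNATURE_OIDS = {
    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
    "1.2.840.10040.4.3": "dsa-with-sha1",
    "1.2.840.10045.4.1": "ecdsa-with-SHA1",
}


def _read_tlv(buf, pos):
    """Parse one DER tag-length-value at buf[pos]; return (tag, value, next_pos)."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:  # long-form length: low 7 bits give the byte count
        nbytes = length & 0x7F
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    return tag, buf[pos:pos + length], pos + length


def _decode_oid(raw):
    """Decode DER OBJECT IDENTIFIER contents into dotted form."""
    arcs = [raw[0] // 40, raw[0] % 40]
    value = 0
    for b in raw[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:  # last base-128 byte of this arc
            arcs.append(value)
            value = 0
    return ".".join(str(a) for a in arcs)


def signature_algorithm_oid(der):
    """Return the dotted OID of Certificate.signatureAlgorithm (RFC 5280 section 4.1)."""
    tag, cert_body, _ = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("certificate is not a DER SEQUENCE")
    _, _, pos = _read_tlv(cert_body, 0)          # skip tbsCertificate
    _, alg_id, _ = _read_tlv(cert_body, pos)     # AlgorithmIdentifier SEQUENCE
    tag, oid_raw, _ = _read_tlv(alg_id, 0)
    if tag != 0x06:
        raise ValueError("AlgorithmIdentifier does not start with an OID")
    return _decode_oid(oid_raw)


def pem_to_der(pem):
    """Extract and base64-decode the first CERTIFICATE block of a PEM string."""
    m = re.search(r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", pem, re.S)
    if not m:
        raise ValueError("no CERTIFICATE block found")
    return base64.b64decode("".join(m.group(1).split()))


def sha1_signature_name(der):
    """Return the SHA-1 algorithm name if the certificate is SHA-1 signed, else None."""
    return SHA1_SIGNATURE_OIDS.get(signature_algorithm_oid(der))


# --- constructed sample data (not a real certificate) -------------------------

def _tlv(tag, payload):
    n = len(payload)
    if n < 0x80:
        return bytes([tag, n]) + payload
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + payload


def _encode_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = bytes([40 * arcs[0] + arcs[1]])
    for a in arcs[2:]:
        chunk = [a & 0x7F]
        a >>= 7
        while a:
            chunk.append(0x80 | (a & 0x7F))
            a >>= 7
        out += bytes(reversed(chunk))
    return out


def make_sample_cert(sig_oid):
    """Constructed skeleton: tbsCertificate holds only a serial INTEGER, the
    signature BIT STRING is zero-filled. Enough structure to exercise the audit."""
    tbs = _tlv(0x30, _tlv(0x02, b"\x01"))
    alg = _tlv(0x30, _tlv(0x06, _encode_oid(sig_oid)) + b"\x05\x00")  # NULL params
    sig = _tlv(0x03, b"\x00" * 33)  # leading byte = 0 unused bits
    return _tlv(0x30, tbs + alg + sig)


if __name__ == "__main__":
    for oid in ("1.2.840.113549.1.1.5", "1.2.840.113549.1.1.11"):
        der = make_sample_cert(oid)
        print(oid, "->", sha1_signature_name(der) or "not SHA-1")
```

Run it over a directory of PEM files by feeding each file through pem_to_der and sha1_signature_name; any hit is a certificate that will fail verification under the DEFAULT policy and is the concrete reason a DEFAULT:SHA1 exception would be needed. Note that the audit inspects only the certificate's own signature; a chain is affected if any intermediate in it is SHA-1 signed.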

To solve compatibility problems with systems that still require SHA-1, see the following solution articles:
