SG2218 using SHA-1 for SSH key signatures

ipilcher

Saturday

Posts: 1

Helpful: 1

Solutions: 0

Stories: 0

Registered: 2025-11-29

SG2218 using SHA-1 for SSH key signatures

Saturday

Model: TL-SG2218

Hardware Version: V1

Firmware Version: 1.20.9

I just discovered that my brand new TP-Link SG2218, running firmware released earlier this year, will only use SHA-1 signatures for SSH key-based authentication. SHA-1 was deprecated in 2011, because it is known to be insecure. Sometime in the last few years, Fedora completely disabled SHA-1 in its default system-wide crypto policy. It is literally impossible to SSH to one of these things (if one has any SSH keys set up) without reducing the system-wide crypto level.

I don't expect network equipment vendors to move fast, nor do I expect them to keep updating EOL equipment, but that is not what is happening here. This is a brand new managed switch, running its most recent firmware that was released in 2025. There is absolutely no excuse for this level of pure laziness.

1 Reply

Ethan-TP

Yesterday

Posts: 510

Helpful: 37

Solutions: 195

Stories: 0

Registered: 2025-09-08

Re:SG2218 using SHA-1 for SSH key signatures

Yesterday

@ipilcher

To help assist and streamline the identification of the behavior, we recommend sending an email to forumsupport.usa@tp-link.com with the following information:

Subject: [Forum Escalation][ID]

Forum Nickname:

Thread URL:

Model&Version:

Description:

Any Other Relevant Information (Logs, Config Files, Images, etc.): [

Once sent, a ticket will be created in our support system, and a member of the team will follow up to gather more information or troubleshoot a cause.

Wishing you a joyful life and smooth internet! Get the Latest Firmware Releases for Omada Routers Here - Subscribe for Updates Omada US Enterprise Beta Program Launch

SG2218 using SHA-1 for SSH key signatures

SG2218 using SHA-1 for SSH key signatures

Information

Voters 0

Tags