SHA1 GPG Key Depreciated on RHEL 9 Derivatives

Plazey
Plazey Posts: 1
edited July 2023 in Linux only

I am on Rocky Linux 9, a RHEL 9 derivative.

SHA1 has been depreciated on all RHEL 9 derivatives, which is what the GPG key is signed with. So teamviewer cannot be updated using the key without workarounds.

Teamviewer, please update to a more advanced hashing algorithm.


Workaround:

Following these steps will temporarily enable the unsecure SHA1 GPG key checks, then update, then disable again.

sudo update-crypto-policies --set DEFAULT:SHA1

sudo dnf update

update-crypto-policies --set DEFAULT


Websites with supporting data:

https://www.redhat.com/en/blog/rhel-security-sha-1-package-signatures-distrusted-rhel-9

https://dl.teamviewer.com/download/linux/signature/TeamViewer2017.asc

[Removed as per Community Guidelines]

Tagged:

Answers

  • pjwelsh
    pjwelsh Posts: 1
    edited March 2023

    Created a support ticket. Hope it moves this issue along:

    [Removed as per Community Guidelines]

  • GhostRider2110
    GhostRider2110 Posts: 1

    As of 07/15/23 this is still an issue.

  • bmdennis
    bmdennis Posts: 3

    Still an issue as of 2023-09-26. Getting really tired of having to either resign new TeamViewer packages as they come out with my own key, or disabling GPG checks in the repo file.

    Seriously, TeamViewer, can you please just update your signing key to not be SHA1? Please? It's been a freaking year and a half since RHEL9 came out.

  • bmdennis
    bmdennis Posts: 3

    Another year and this still hasn't been fixed. At least it's been helping motivate us to completely move away from TeamViewer and drop our subscription.

Trustpilot

Categories

This Week's Leaders