End of support for GITLAB_ALLOW_SHA1_RSA in Gitlab 17.x

Hi all,
In Gitlab 16.3 an option GITLAB_ALLOW_SHA1_RSA was added to keep on supporting old SHA1 keys. See also GitLab 16 changes | GitLab

I did some testing on gitlab.com running on 17.1.0-pre for the moment where this for the time being still works.

When exactly will this feature be removed in GitLab 17?

Regards,
Peter

So far we can only go by the documentation that it will be removed in 17.0. Since it’s been long deprecated since 16.3 it would be prudent to generate new SSH keys rather than use old ones that we know will just simply stop working in that version or at least the very near future. It doesn’t make sense to keep on using them or trying to find a way around it.

It stopped working in gitlab versions from 16.0 till 16.3 where they added support again with the implementation of GITLAB_ALLOW_SHA1_RSA

1 Like