Tuesday, July 25, 2017

How do I check if my website is using SHA-1

SHA-1 (Secure Hash Algorithm 1) is an algorithm used to verify data authenticity. In 2005, SHA-1 was found to be insecure, so you should stop using SHA-1 and switch to SHA-2. Is your website still using SHA-1?

You can check the signature algorithm of your site's certificate from the command line of a Unix-like system.

    openssl s_client -connect www.mysite.com:443 < /dev/null 2>/dev/null | openssl x509 -text -in /dev/stdin | grep "Signature Algorithm"

In the above command line, replace www.mysite.com with your own hostname. For SSL, the default port is 443.

    Signature Algorithm: sha1WithRSAEncryption
If this is the result, your site is using SHA-1. You should consider using SHA-2 in place of SHA-1.

    Signature Algorithm: sha256WithRSAEncryption
If this is the result, your site is using SHA-2.

But why should I stop using SHA-1?

Today, more and more people consider SHA-1 to be insecure.  Since 2005, folks have published attacks on SHA-1.  The SHAttered attack is the most recent one.
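
The check above, turned into a script that gives a verdict instead of raw grep output. This is an added example, not part of the original post; the function names (classify_sigalg, sigalgs_from_text, cert_verdict, check_site) are hypothetical and the sample certificate text is constructed.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Map one OpenSSL signature-algorithm name to a verdict.
classify_sigalg() {
    case "$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')" in
        *sha1*) echo weak ;;                                # SHA-1
        *sha224*|*sha256*|*sha384*|*sha512*) echo ok ;;     # SHA-2 family
        *) echo unknown ;;                                  # review by hand
    esac
}

# Read `openssl x509 -noout -text` output on stdin. The field is printed
# twice per certificate (signed body and outer signature), so de-duplicate,
# then print "<verdict> <algorithm>" for each distinct algorithm.
sigalgs_from_text() {
    sed -n 's/^[[:space:]]*Signature Algorithm:[[:space:]]*//p' | sort -u |
    while IFS= read -r alg; do
        echo "$(classify_sigalg "$alg") $alg"
    done
}

# Overall verdict for the text on stdin: weak, unknown, ok or none.
cert_verdict() {
    report=$(sigalgs_from_text)
    if printf '%s\n' "$report" | grep -q '^weak '; then echo weak
    elif printf '%s\n' "$report" | grep -q '^unknown '; then echo unknown
    elif [ -n "$report" ]; then echo ok
    else echo none
    fi
}

# Live check (needs network access and the openssl CLI). -servername sends
# SNI, so a server hosting several sites returns the certificate for "$1".
check_site() {
    openssl s_client -connect "$1:${2:-443}" -servername "$1" </dev/null 2>/dev/null |
        openssl x509 -noout -text | cert_verdict
}

# Constructed sample input: the relevant lines of `openssl x509 -text` output.
SAMPLE_SHA1='Certificate:
    Data:
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN = Example CA
    Signature Algorithm: sha1WithRSAEncryption'

printf '%s\n' "$SAMPLE_SHA1" | sigalgs_from_text   # weak sha1WithRSAEncryption
```

To run it against a live host, call check_site www.mysite.com, optionally followed by a port.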

Monday, July 24, 2017

A hiking tip

When going uphill, walk with straight feet.  So you won't fall sideways.  Like how they open an innings in test cricket - playing with a straight bat.

When going downhill, go criss-cross instead of following straight paths.  Good for maintaining balance while you're busy controlling your speed.  Like how they play during slog overs of a cricket match.

Thursday, July 6, 2017

bash : Checking if a particular version of a software is present or not

In one bash script I was writing, I was told to take a certain action based on whether version 4.2 or above of a certain software is available or not.
The versioning scheme used by the software in question is major.minor.revision.
So, version 3.8.0 or 4.1.6 or 4.2.1 or 5.1.3 could be present.
Doing a string comparison is writing your own invitation for disaster.
The version obtained needs to be broken into pieces, and each piece needs to be compared numerically.

#!/bin/bash
# Uncomment one of these lines to try a different version.
# software_version="4.1.0"
# software_version="4.2.0"
# software_version="4.5.0"
software_version="5.1.0"
# software_version="3.8.0"
echo "$software_version"

# Split major.minor.revision on "." and keep the first two fields.
major=$(echo "$software_version" | /usr/bin/cut -d. -f1)
minor=$(echo "$software_version" | /usr/bin/cut -d. -f2)
echo "major = $major  and  minor = $minor"

higher_than_4_2=0

# The 10# prefix forces base 10, so a field such as "08" is not read as octal.
if ((10#$major > 4)); then
    higher_than_4_2=1
else
    if ((10#$major == 4)) && ((10#$minor >= 2)); then
        higher_than_4_2=1
    fi
fi
if ((higher_than_4_2 == 1)); then
  echo "Software version is equal to or greater than 4.2"
else
  echo "Software version is not equal to or greater than 4.2"
fi