On Sun, Dec 05, 2021 at 07:23:50PM -0800, Gordon Messmer wrote:
On 12/5/21 05:15, Richard W.M. Jones wrote:
>openssh 8.8p1 (just released in Rawhide) cannot connect to older
>servers.
...
>or the equivalent on the command line:
> ssh -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedAlgorithms=+ssh-rsa rhel6
That's also documented in the release notes for 8.8, under
"Potentially-incompatible changes":
https://www.openssh.com/txt/release-8.8
Though I'm surprised that's new; I'd have thought it would have
stopped working in Fedora 33 with
https://fedoraproject.org/wiki/Changes/StrongCryptoSettings2
The change proposal says that Fedora disabled SHA-1 hashes, which
seems like the same change that's documented in OpenSSH 8.8. Had
this host opted out of the Fedora strong crypto policy?
"host" == client? No:
$ update-crypto-policies --show
DEFAULT
Rich.
--
Richard Jones, Virtualization Group, Red Hat
http://people.redhat.com/~rjones
Read my programming and virtualization blog:
http://rwmj.wordpress.com
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine. Supports Linux and Windows.
http://people.redhat.com/~rjones/virt-df/