[Bug 1961833] Re: openssh 8.8 breaks login to Canonical servers
Dan Streetman
1961833 at bugs.launchpad.net
Thu May 12 13:47:36 UTC 2022
For reference to anyone coming here with this problem, when connecting
to a remote sshd server you can find what host key algorithms the remote
host uses by using -vv and check the debug output; look first for the
*peer* server KEXINIT proposal (not the earlier *local client* KEXINIT
proposal):
debug2: peer server KEXINIT proposal
a line or two after that, you should see the list of host key algorithms
the remote host is offering; if it contains *only* ssh-rsa then this bug
is relevant.
debug2: host key algorithms: ssh-rsa
Note that by default many systems support multiple algorithms, e.g. you
may see:
debug2: host key algorithms: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-
ed25519
in this case, even though the remote host does offer ssh-rsa, it also
supports other algorithms that jammy does support.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1961833
Title:
openssh 8.8 breaks login to Canonical servers
Status in openssh package in Ubuntu:
Won't Fix
Bug description:
With 8.7p1-4 connecting to wendigo
debug1: Next authentication method: publickey
debug1: Offering public key: /home/jak/.ssh/id_rsa RSA SHA256:Dj1/l9g5RH00/wO7puC1WVxgpvmhmaQg3wEETwmOFPk agent
debug1: Server accepts key: /home/jak/.ssh/id_rsa RSA SHA256:Dj1/l9g5RH00/wO7puC1WVxgpvmhmaQg3wEETwmOFPk agent
With 8.8p1-1
debug1: Offering public key: /home/jak/.ssh/id_rsa RSA SHA256:Dj1/l9g5RH00/wO7puC1WVxgpvmhmaQg3wEETwmOFPk agent
debug1: send_pubkey_test: no mutual signature algorithm
Needs further investigation, but blocks people a bit right now
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1961833/+subscriptions
More information about the foundations-bugs
mailing list