Looking for a working example of sshd_config setup fille
Jeffrey Walton
noloader at gmail.com
Sat Aug 16 23:52:21 UTC 2025
On Sat, Aug 16, 2025 at 4:51 PM bruce <badouglas at gmail.com> wrote:
> hi Peter.
>
> I think (others can correct) thos might have to do with the rsa no longer
> being supported in terms of being easier to break.
>
RSA is still supported. The early RSA+SHA-1 cipher, which is the rsa+sha
cipher, is no longer enabled in a default configuration due to the SHA-1
algorithm. You can still use RSA, but the cipher will have to use the SHA-2
algorithm, which is the cipher rsa-sha2-256/512. Also see <
https://lwn.net/Articles/821544/>.
And nowadays, it would be a better choice to have ecdsa and ed25519 keys.
They are supported just about everywhere.
It is Ok to have several keys. Here is what my ssh config looks like.
Notice the three keys:
$ cat $HOME/.ssh/config
Host *.fsffrance.org fsffrance.org
User noloader
Host *.cfarm.net cfarm.net
User noloader
Host *.opencsw.org
User jeff
Host *.home.arpa
User jwalton
Host *
User jwalton
IdentityFile ~/.ssh/id_ed25519
IdentityFile ~/.ssh/id_ecdsa
IdentityFile ~/.ssh/id_rsa
Protocol 2
PreferredAuthentications publickey,password
Jeff
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20250816/f09ca999/attachment.html>
More information about the ubuntu-users
mailing list