Description of problem: Connection to old ssh server not possible Version-Release number of selected component (if applicable): openssh-8.8p1-6.fc37.x86_64 How reproducible:Always Steps to Reproduce: 1.ssh -oHostKeyAlgorithms=+ssh-rsa 192.168.1.127 2. 3. Actual results: Unable to negotiate with 192.168.1.127 port 22: no matching host key type found. Their offer: ssh-rsa,ssh-dss Expected results: Password prompt Additional info: After building the package without patch Patch1006: openssh-8.7p1-negotiate-supported-algs.patch and decreasing in the /etc/crypto-policies/backend/openssh.conf RSAMinSize to 1024, the connection can be established. No problem for me if the old algorithms are no longer supported, "putty" still supports them, but there is no error message indicating the problem, it's just like the HostKeyAlgorithms option is doing nothing. Kind regards
The problem has more moving parts then it looks at the first site. First, it's ssh-rsa, which is deprecated because of using SHA1. Normal workaround is to enable crypto-policy DEFAULT:SHA1. Second is key bits, managed by RSAMinSize. Could you please decrease RSAMinSize as you did and try the DEFAULT:SHA1 crypto-policy? I agree that there is a problem with diagnostics.
Thanks. In mean time I found out that apparently the patch seems to forbid overruling cryptopolicies with HostKeyAlgorithms, and I tried a module containing sign@openssh-client = RSA-SHA1+ DSA-SHA1+ min_rsa_size@openssh-client=1024 Result: [root@lap2 hj]# update-crypto-policies --set DEFAULT Setting system policy to DEFAULT Note: System-wide crypto policies are applied on application start-up. It is recommended to restart the system for the change of policies to fully take place. [root@lap2 hj]# ssh -oHostKeyAlgorithms=+ssh-rsa hj.1.127 Unable to negotiate with 192.168.1.127 port 22: no matching host key type found. Their offer: ssh-rsa,ssh-dss [root@lap2 hj]# update-crypto-policies --set DEFAULT:OLDSSH Setting system policy to DEFAULT:OLDSSH Note: System-wide crypto policies are applied on application start-up. It is recommended to restart the system for the change of policies to fully take place. [root@lap2 hj]# ssh -oHostKeyAlgorithms=+ssh-rsa hj.1.127 -bash-3.2$ sshd -v sshd: illegal option -- v OpenSSH_5.9p1, OpenSSL 0.9.7m 23 Feb 2007 This moves the problem more to a proper error message/documentation/readthedocs problem.... Thanks!
Forgot to mention: DEFAULT:SHA1: [root@lap2 hj]# ssh -oHostKeyAlgorithms=+ssh-rsa hj.1.127 Bad server host key: Invalid key length Works after manually changing the keylength in the backend, but I think that's not desired. May be min_rsa_size@openssh can be added to the SHA1 module?
No, it shouldn't. We don't allow such short RSA keys even in LEGACY policy. So I think we could close the issue if you don't mind
1K keys should never be used today, closing as we will not make this change.
Agree to close. The key length can be simply solved on the server, if there is access to, by regenerating the keys with acceptable size. Persisting problems: "ssh -Q HostKeyAlgorithms" shows ssh-rsa and ssh-dss as available, and "ssh -oHostKeyAlgorithms=+ssh-rsa" shows no clear error message.