Bug 2130155 - Unable to push changes to Qt gerrit instance
Summary: Unable to push changes to Qt gerrit instance
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Fedora
Classification: Fedora
Component: openssh
Version: 37
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Dmitry Belyavskiy
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2022-09-27 10:47 UTC by Jan Grulich
Modified: 2022-09-29 08:57 UTC (History)
8 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2022-09-29 08:57:26 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)
Debug log (7.12 KB, text/plain)
2022-09-27 10:47 UTC, Jan Grulich 		no flags Details
View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker FC-615 0 None None None 2022-09-27 10:49:48 UTC

Description Jan Grulich 2022-09-27 10:47:43 UTC 
Created attachment 1914572 [details]
Debug log

Description of problem:
Submitting a change to Qt gerrit instance with current openssh (+crypto-policies) will end up rejected with:

>Bad server host key: Invalid key length
>fatal: Could not read from remote repository.

>Please make sure you have the correct access rights
>and the repository exists.

Version-Release number of selected component (if applicable):
openssh-8.8p1-6.fc37
crypto-policies-20220815-1.gite4ed860.fc37


Additional info:
Downgrading to openssh-8.8p1-3.fc37.x86_64 and crypto-policies-20220428-2.gitdfb10ea.fc37.noarch makes it work. It's hard to say what package is responsible as they depend on each other and it's not possible to downgrade only openssh without also downgrading crypto-policies.

Attaching log from the communication.
Comment 1 Simo Sorce 2022-09-27 12:53:01 UTC 
Probably duplicate of #2127765
Comment 2 Dmitry Belyavskiy 2022-09-29 08:57:26 UTC 
If you or server use RSA key shorter than 2048 bits, it is rejected. Such keys can't be considered secure enough nowadays so please replace it with a longer key.

The behavior is intended so closing WONTFIX, some more details are in https://bugzilla.redhat.com/show_bug.cgi?id=2127765
Note You need to log in before you can comment on or make changes to this bug.