the ssh service at git.launchpad.net offers only the deprecated ssh-rsa HostKeyAlgorithm
Currently, an ssh client that deliberately drops `ssh-rsa` from its list of HostKeyAlgorithms as a conservative defense against known SHA1 attacks cannot connect to git.launchpad.net.
The command line error for me shows:
Unable to negotiate with 91.189.94.79 port 22: no matching host key type found. Their offer: ssh-rsa
This is because the ssh service at git.launchpad.net offers only the `ssh-rsa` HostKeyAlgorithm, which is deprecated due to its reliance on SHA1:
(see: https:/
git.launchpad.net's ssh service should provide a newer form of ssh host key. If you want to stick with RSA, there are several options that do not depend on SHA1, like rsa-sha2-512 or rsa-sha2-256. Or if you're ok with elliptic curves, you could offer ssh-ed25519. Or you could offer multiple host keys for the service.
Question information
- Language:
- English Edit question
- Status:
- Answered
- Assignee:
- No assignee Edit question
- Last query:
- Last reply:
|
Revision history for this message
|
#1 |
|
Revision history for this message
|
#2 |
|
Revision history for this message
|
#3 |
|
Revision history for this message
|
#4 |
Can you help with this problem?
Provide an answer of your own, or ask dkg for more information if necessary.
