Date: Wed, 20 Aug 2025 16:31:13 +0200
From: Christian Weisgerber <naddy@mips.inka.de>
To: Frank Leonhardt <freebsd-doc@fjl.co.uk>
Cc: questions@freebsd.org
Subject: Re: ssh on FreeBSD 14.3 won't talk to older hosts
Message-ID: <aKXcMTBDrt0ypCP_@lorvorc.mips.inka.de>
In-Reply-To: <19992208-8ea5-4e3d-93fc-a4f62c5594f2@fjl.co.uk>
References: <5933e560-714b-492b-9151-380d5527ba18@fjl.co.uk> <19992208-8ea5-4e3d-93fc-a4f62c5594f2@fjl.co.uk>
Frank Leonhardt:
> Add the following:
>
> HostKeyAlgorithms=+ssh-dss
> PubkeyAcceptedKeyTypes +ssh-rsa
> Protocol 2,1
>
> I have all three but they may not all be needed in all circumstances, and
> having protocol 1 isn't something you want to enable unless you're aware of
> the risks.

That's cute if "Protocol 2,1" is still accepted for compatibility, but
there is no risk. The actual protocol 1 code has been summarily deleted
from OpenSSH as of release 7.6 (Oct 2017).

> This is IN SPITE of OpenSSH ssh-keygen still generating RSA by default, so

Actually, that has been Ed25519 since OpenSSH 9.5 (Oct 2023)... but the
FreeBSD -stable branches haven't picked up that change.

> the default key type it creates it won't use without this hack. Unless I'm
> missing something.

There is a difference between a _key type_ and a _public key algorithm_.
Admittedly, those are the same for all other key types except for RSA,
where there are three algorithms that can all use the same RSA keys:

* ssh-rsa
* rsa-sha2-256
* rsa-sha2-512

The difference is that those use the SHA-1, SHA-256, and SHA-512 hashes,
respectively. SHA-1 is obsolete and no longer considered secure, so the
"ssh-rsa" _algorithm_ has been disabled by default. You can still use the
same "ssh-rsa" _keys_ with rsa-sha2-256 or rsa-sha2-512.

-- 
Christian "naddy" Weisgerber                          naddy@mips.inka.de
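To put the key-type versus signature-algorithm distinction from the reply above into practice, here is an added client-side ssh_config example (mine, not from either poster or the FreeBSD project). It re-enables the SHA-1 "ssh-rsa" signature algorithm only for the single legacy host instead of globally, so the same RSA key keeps being used with rsa-sha2-256/rsa-sha2-512 everywhere else. The host name oldbox.example.org and the key path are placeholders.

```sshconfig
# ~/.ssh/config (added example, not from the thread; host name and path are placeholders)

# No global PubkeyAcceptedAlgorithms or HostKeyAlgorithms line: every
# other host gets OpenSSH's default list. An RSA key in ~/.ssh/id_rsa
# still works there, because the client signs with rsa-sha2-512 or
# rsa-sha2-256, which any current server accepts.

Host oldbox.example.org
    # This server only understands the SHA-1 signature algorithm
    # "ssh-rsa" for user authentication. "+" appends to the default
    # list rather than replacing it, so the rsa-sha2-* variants are
    # still offered first and only this host falls back to SHA-1.
    # PubkeyAcceptedAlgorithms is the current option name (OpenSSH 8.5
    # and later); PubkeyAcceptedKeyTypes is the older spelling and is
    # kept as an alias, so either works.
    PubkeyAcceptedAlgorithms +ssh-rsa
    # Only needed if the server's own host key is RSA and it can only
    # sign with SHA-1, or is DSA as in the original question.
    HostKeyAlgorithms +ssh-rsa,ssh-dss
    IdentityFile ~/.ssh/id_rsa
```

To confirm what the client will actually offer, `ssh -G oldbox.example.org | grep -i -e pubkeyaccepted -e hostkeyalgorithms` prints the effective per-host lists, and `ssh -Q sig` lists the signature algorithms the installed binary supports at all. If `ssh -Q key` does not list ssh-dss, the binary was built without DSA (OpenSSH 9.8 disabled it at compile time and 10.0 removed it), and no HostKeyAlgorithms setting will bring it back.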
