[Bug 3029] New: keyscan does not list rsa keys if the ssh-rsa is not allowed on server
bugzilla-daemon at bugzilla.mindrot.org
Tue Jul 2 20:47:26 AEST 2019
https://bugzilla.mindrot.org/show_bug.cgi?id=3029
Bug ID: 3029
Summary: keyscan does not list rsa keys if the ssh-rsa is not allowed on server
Product: Portable OpenSSH
Version: 8.0p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh-keyscan
Assignee: unassigned-bugs at mindrot.org
Reporter: jjelen at redhat.com
Created attachment 3294
--> https://bugzilla.mindrot.org/attachment.cgi?id=3294&action=edit
proposed patch
The keyscan is forcing the ssh-rsa signature algorithm when scanning for
RSA keys, and if ssh-rsa (SHA1 variant) is not allowed on the server, no RSA
keys are returned.
The attached patch extends the signature algorithms to also offer the
SHA2 variants (and certificate SHA2 variants) so the keyscan can work
as expected.
--
You are receiving this mail because:
You are watching the assignee of the bug.
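
The failure described in this report, modelled as an added example (not code from OpenSSH or from the attached patch): SSH selects the first host key algorithm in the client's list that the server also lists, so a scanner offering only ssh-rsa gets no match from a server that has disabled it. The function name and the sample algorithm lists are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/*
 * Simplified model of SSH name-list negotiation (RFC 4253, section 7.1):
 * pick the first entry of the client's comma-separated list that also
 * appears in the server's list. Returns 1 and fills out on a match, else 0.
 */
static int
negotiate_hostkey_alg(const char *client, const char *server,
    char *out, size_t outlen)
{
	for (const char *c = client; *c != '\0'; ) {
		size_t clen = strcspn(c, ",");
		for (const char *s = server; *s != '\0'; ) {
			size_t slen = strcspn(s, ",");
			if (clen > 0 && clen == slen && clen < outlen &&
			    memcmp(c, s, clen) == 0) {
				memcpy(out, c, clen);
				out[clen] = '\0';
				return 1;
			}
			s += slen + (s[slen] == ',');	/* skip the separator */
		}
		c += clen + (c[clen] == ',');
	}
	if (outlen > 0)
		out[0] = '\0';
	return 0;
}

/* Constructed sample lists (assumptions, not copied from the patch). */
#define SERVER_NO_SHA1 "rsa-sha2-512,rsa-sha2-256,ssh-ed25519"
#define SCAN_RSA_OLD   "ssh-rsa"
#define SCAN_RSA_NEW   "rsa-sha2-512,rsa-sha2-256,ssh-rsa"

int main(void)
{
	char alg[64];
	int ok = negotiate_hostkey_alg(SCAN_RSA_OLD, SERVER_NO_SHA1, alg, sizeof(alg));
	printf("ssh-rsa only:       match=%d alg='%s'\n", ok, alg);
	ok = negotiate_hostkey_alg(SCAN_RSA_NEW, SERVER_NO_SHA1, alg, sizeof(alg));
	printf("with SHA2 variants: match=%d alg='%s'\n", ok, alg);
	return 0;
}
```

Keeping ssh-rsa last in the extended list means a server that supports only the SHA1 variant is still scanned, while SHA2-capable servers negotiate rsa-sha2-512 or rsa-sha2-256 first.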