Call for testing: OpenSSH 8.2
Phil Pennock
phil.pennock at globnix.org
Thu Feb 6 12:39:19 AEDT 2020
On 2020-02-06 at 10:29 +1100, Damien Miller wrote:
> OpenSSH 8.2p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible. This is a feature release.
> * The RFC8332 RSA SHA-2 signature algorithms rsa-sha2-256/512. These
Confirmed with building openssh-SNAP-20200206.tar.gz in an alpine 3.11.2
release that there's something a bit strange going on.
ssh_config(5) describes for `HostKeyAlgorithms` that:
} The list of available key types may also be obtained using "ssh -Q key"
Running `ssh -Q key`, the output does not include these proposed
replacements.
Only in sshd_config(5):
rsa-sha2-512-cert-v01 at openssh.com
rsa-sha2-256-cert-v01 at openssh.com
rsa-sha2-512
rsa-sha2-256
Only in `ssh -Q key`:
ssh-dss
ssh-dss-cert-v01 at openssh.com
Regards,
-Phil
(
This actually affects me: github.com has very limited HostKeyAlgorithms
advertised and my attempts to filter acceptable algorithms are based
around lines from `ssh -Q key` (since before the newer - support for
filtering) so I've been re-enabling ssh-rsa for github.com, missing that
there was another option. I think I've stopped using clients old enough
to not have -tag support for this option, so I'll switch over away from
explicit enumeration.
)
More information about the openssh-unix-dev
mailing list