Call for testing: OpenSSH 8.2

Phil Pennock phil.pennock at
Thu Feb 6 12:39:19 AEDT 2020

On 2020-02-06 at 10:29 +1100, Damien Miller wrote:
> OpenSSH 8.2p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible. This is a feature release.

>  * The RFC8332 RSA SHA-2 signature algorithms rsa-sha2-256/512. These

Confirmed with building openssh-SNAP-20200206.tar.gz in an alpine 3.11.2
release that there's something a bit strange going on.

ssh_config(5) describes for `HostKeyAlgorithms` that:
} The list of available key types may also be obtained using "ssh -Q key"

Running `ssh -Q key`, the output does not include these proposed

Only in sshd_config(5):
  rsa-sha2-512-cert-v01 at
  rsa-sha2-256-cert-v01 at

Only in `ssh -Q key`:
  ssh-dss-cert-v01 at


This actually affects me: has very limited HostKeyAlgorithms
advertised and my attempts to filter acceptable algorithms are based
around lines from `ssh -Q key` (since before the newer - support for
filtering) so I've been re-enabling ssh-rsa for, missing that
there was another option.  I think I've stopped using clients old enough
to not have -tag support for this option, so I'll switch over away from
explicit enumeration.

More information about the openssh-unix-dev mailing list