"ssh -Q key" does not list rsa-sha2 algorithms
Brian Candler
b.candler at pobox.com
Tue Jun 2 18:48:32 AEST 2020
On 01/06/2020 23:48, Darren Tucker wrote:
> On Tue, 2 Jun 2020 at 06:12, Christian Weisgerber<naddy at mips.inka.de> wrote
>> On 2020-06-01, Ethan Rahn<ethan.rahn at gmail.com> wrote:
>>
>>> With the upcoming deprecation of ssh-rsa I was trying to see what keys my
>>> version of OpenSSH ( 7.8p1 ) supports. I noticed that "ssh -Q key" does not
>>> actually list the suggested algorithms to transition to ( rsa-sha2-256 and
>>> rsa-sha2-512 ) even though they are supported.
>> "-Q key" are the supported key formats. For the signature algorithms,
>> you want "-Q sig". This is documented in the man page.
> In addition, from version 8.2 ssh -Q will also accept ssh_config
> keywords and emit the formats or algorithms accepted by that keyword,
There is also "-Q key-sig" in recent versions (not sure exactly how
recent, but 7.6 doesn't have it)
More information about the openssh-unix-dev
mailing list