Azure DevOps hosted git, and Bastion, failing to negotiate encryption?

Nico Kadel-Garcia nkadel at
Sun May 22 13:54:34 AEST 2022

On Sat, May 21, 2022 at 6:01 PM Ángel <angel at> wrote:
> On 2022-05-21 at 14:04 -0400, Nico Kadel-Garcia wrote:
> > Since the dominating problem is the git client usage, I'm more
> > concerned with running:
> >
> >      GIT_SSH_COMMAND='git -v -v -v -v -v' git clone azure-server-git-url
> I think you mean
>   GIT_SSH_COMMAND='ssh -v -v -v -v -v' git clone azure-server-git-url

Quite right, I'm not on the same system I'd do such work from.

> but it may be easier to just work with
>   ssh -v -v -v azure-server-git-server git-upload-pack /url
> I'm afraid I have no pony for you, Nico. My guess is that the CIS
> hardening removed something (e.g. ssh-rsa) which is the only one
> supported by that Azure git service, but you surely had a similar guess
> already.

That's what I suspect. I was hoping someone else with broad SSH
experience might already have the answer in hand. Microsoft was not
helpful in answering which specific protocols their SSH daemon
supports, which I did try to ask.

More information about the openssh-unix-dev mailing list