Alternative check for depeciated ssh-rsa signature?
Damien Miller
djm at mindrot.org
Wed Sep 1 09:22:56 AEST 2021
On Tue, 31 Aug 2021, M Rubon wrote:
> The recent release notes suggesting testing with
> ssh -oHostKeyAlgorithms=-ssh-rsa user at host
>
> I want to test with dropbear clients where I do not have fine grained
> control of algorithms. I think, but want to confirm, that an
> equivalent server side test is to run sshd with the sshd_config line
> HostKeyAlgorithms -ssh-rsa,ssh-rsa-cert-v01 at openssh.com
That's correct, though AFAIK Dropbear doesn't support certificates
anyway.
-d
More information about the openssh-unix-dev
mailing list