On Fri, Jul 14, 2023 at 11:23 AM Walter H. via users <users@xxxxxxxxxxxxxxxxxxxxxxx> wrote:
Hello,
I've got a Win10 box und a Fedora VM
both are latest updates / release [Win10 22H2 19045.3086 and Fedora 38]
I was used to connect to the Fedora VM from the Win10 box
- with the OpenSSH commands, that are nativly available in Windows
- with WinSCP
- or the ssh commands inside the WSL [Debian Distribution]
some time ago I noticed that the used keys from the WSL don't work any more;
I added this inside the Fedora in the sshd_config
HostKeyAlgorithms +ssh-rsa
PubkeyAcceptedKeyTypes ssh-rsa
then the login using the keys from WSL were working again;
but why didn't this help to login using the keys via the Win 10 OpenSSH
commands;
there I had to create new keys
ssh-keygen -t ed25519
and then to modify the above addings like this:
HostKeyAlgorithms +ssh-rsa,ssh-ed25519
PubkeyAcceptedKeyTypes ssh-rsa,ssh-ed25519
the same with WinSCP, there I had to gernerate a new key, too;
the used ssh-rsa keys are refused, even from WSL they work;
a bit confusing/strange;
More recent ssh versions will use defaults chosen for the current risk environment, so key types
and other defaults change over time. It would be unusual for WSL to be accessible from arbitrary
internet sites, but that is in scope for Fedora, so you would expect Fedora defaults that increase
security even if that is nor compatible with some other distributions running in WSL.
_______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
