> On 10/31/2024 1:32 PM EDT Charlie Dennett <cdennett@xxxxxxxxx> wrote: > > > > > > On Thu, Oct 31, 2024 at 10:48 AM Max Pyziur <pyz@xxxxxxxxx> wrote: > > Greetings again, [deleted for the sake of brevity] > > /etc/ssh/ssh_config line 57: Bad key types 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519'. > > /etc/ssh/ssh_config line 58: Bad key types 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519'. > > /etc/ssh/ssh_config: terminating, 2 bad configuration options > > > > I know that this is an occasional occurrence post upgrade. > > > > Thank you for any and all advice. > > Just some guesswork here. On my system /etc/ssh/ssh_config includes other files (which includes other files). I found the list of key types listed in /etc/crypto-policies/back-ends/openssh.config (which is a sym link to /usr/share/crypto-policies/DEFAULT/openssh.txt). I'd check in that back-ends directory (and the DEFAULT directory the link points to) and see if there is a file ending in .rpmnew. Sometimes a package update will add that to a file name if the original file has been changed. If so, you can replace the file with the newer version. > > Also, those files come from: > > rpm -q --whatprovides /etc/crypto-policies/back-ends/openssh.config > crypto-policies-20241010-1.git8baf557.fc41.noarch > > You can always try reinstalling that package. > As I said, this is just some guesswork. Indeed, there was a ssh_config.rpmnew file that was present. Doing an sdiff -s, the following results show up: root@Gryphon:/etc/ssh# sdiff -s -w 180 bak/ssh_config ssh_config # $OpenBSD: ssh_config,v 1.35 2020/07/17 03:43:42 dtucker Exp $ | # $OpenBSD: ssh_config,v 1.36 2023/08/02 23:04:38 djm Exp $ # CheckHostIP yes | # CheckHostIP no < HostKeyAlgorithms ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-e < PubkeyAcceptedKeyTypes ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256, < Backup the old ssh_config, push ssh_config.rpmnew to ssh_config, and things work. Thank you. Max > -- > Charlie > -- > _______________________________________________ > users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx > Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx > Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue -- _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
