On 10/21/20 5:51 PM, Per Bothner wrote:
I was able to get things working again by adding this line to the
Host *.gnu.org section of ~/.ssh/config
PubkeyAcceptedKeyTypes +rsa-sha2-256,rsa-sha2-512
"rsa-sha2-256,rsa-sha2-51" are already part of the Fedora 33 crypto
policy. This configuration works (as I understand it) because the '+'
value adds key types to the default set, rather than the local policy.
The effect is that the configuration above downgrades the crypto policy
so that it includes 'ssh-rsa' again, and that's the key type that ends
up used with OpenSSH 7.4 servers.
_______________________________________________
test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/test@xxxxxxxxxxxxxxxxxxxxxxx
