On Mon, Sep 27, 2021 at 11:40 PM Kevin Kendzia
<kevin.kendzia@xxxxxxxxxxxxxx> wrote:
>
> Updated to openssh (8.8p1-1) and git didn't get the keys anymore.
> Couldn't pull or push. After reverting back to 8.7p1-2 it works as
> intended.
>
> Thank you for filling out a Git bug report!
> Please answer the following questions to help us understand your issue.
>
> What did you do before the bug happened? (Steps to reproduce your issue)
> Updated system packages (openssh)
> What did you expect to happen? (Expected behavior)
> Can git pull without issues
> What happened instead? (Actual behavior)
> Permission Denied due to key error
> What's different between what you expected and what actually happened?
> I couldn't push pull whatever because the keys haven't been recognized somehow
> Anything else you want to add:
> I reverted from openssh 8.8p1-1 to 8.7p1-2 to make it work again
> Please review the rest of the bug report below.
> You can delete any lines you don't wish to share.
Ultimately this isn't a Git issue; it's an SSH issue. My guess would
be that upgrading to OpenSSH 8.8 picks up the change to stop using RSA
signatures using SHA-1 hashes by default.[1]
You can update your ~/.ssh/config to add these lines to revert that
and allow using those keys again:
Host old-host
HostkeyAlgorithms +ssh-rsa
PubkeyAcceptedAlgorithms +ssh-rsa
With that said, though, if possible a better solution is to generate
new SSH keys using ECDSA, Ed25519 or another stronger signature and
switch to those.
Hope this helps!
Bryan
[1] https://www.openssh.com/releasenotes.html
