On Thu, 11 Oct 2018, Adam Eijdenberg wrote: > Thanks for looking into. I wasn't able to get the patch to apply > cleanly to the portable source for whatever reason, so I manually made > the changes and got a little further. I now get past the "no mutual > signature algorithm" client message, and get an error on the server > side (OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017): > > userauth_pubkey: unsupported public key algorithm: > rsa-sha2-512-cert-v01@xxxxxxxxxxx [preauth] Could you sent me a debug trace from the client for this? We shouldn't send this algorithm name unless the server supports it. > Along the way I noticed that there seems to be duplicated entries in > the keytypes[] array - is this intentional? ie the following 2 > contiguous sections appear to be identical. I ended up changing both > on my client to remove the "ssh-" prefix: > > https://github.com/openssh/openssh-portable/blob/V_7_8_P1/sshkey.c#L116-L123 > https://github.com/openssh/openssh-portable/blob/V_7_8_P1/sshkey.c#L124-L131 Thanks, I've committed a fix for this. -d _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev