When I do ssh -Q key, where ssh is the OpenSSH 7.4p1 client, I get the following output: ssh-ed25519 ssh-ed25519-cert-v01@xxxxxxxxxxx ssh-rsa ssh-dss ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 ssh-rsa-cert-v01@xxxxxxxxxxx ssh-dss-cert-v01@xxxxxxxxxxx ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx The thing is, one can invoke both client and server with -o HostKeyAlgorithms=rsa-sha2-256, or -o HostKeyAlgorithms=rsa-sha2-512, and everything's OK. Why is it that rsa-sha2-* are not displayed in the output above? In fact, no option to -Q elicits them, and they are not mentioned in the OpenSSH client and server man pages. Is this intentional? _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
