FS#72250 - [openssh] Fails to use loaded ssh keys

Attached to Project: Arch Linux
Opened by Nils (Eka) - Monday, 27 September 2021, 09:38 GMT
Last edited by Jonas Witschel (diabonas) - Monday, 27 September 2021, 15:48 GMT
Task Type Bug Report
Category Packages: Core
Status Closed
Assigned To No-one
Architecture x86_64
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 4
Private No

Details

Description:

With the latest version (openssh-8.8p1-1), I can't successfully connect to a remote repository with an ssh key. For example, with Atlassian, I get:

❯ ssh -Tv git@bitbucket.org
OpenSSH_8.8p1, OpenSSL 1.1.1l 24 Aug 2021
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to bitbucket.org [2406:da00:ff00::22c3:9b0a] port 22.
debug1: Connection established.
debug1: identity file ~/.ssh/id_rsa type 0
debug1: identity file ~/.ssh/id_rsa-cert type -1
debug1: identity file ~/.ssh/id_dsa type -1
debug1: identity file ~/.ssh/id_dsa-cert type -1
debug1: identity file ~/.ssh/id_ecdsa type -1
debug1: identity file ~/.ssh/id_ecdsa-cert type -1
debug1: identity file ~/.ssh/id_ecdsa_sk type -1
debug1: identity file ~/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file ~/.ssh/id_ed25519 type -1
debug1: identity file ~/.ssh/id_ed25519-cert type -1
debug1: identity file ~/.ssh/id_ed25519_sk type -1
debug1: identity file ~/.ssh/id_ed25519_sk-cert type -1
debug1: identity file ~/.ssh/id_xmss type -1
debug1: identity file ~/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.8
debug1: Remote protocol version 2.0, remote software version conker_9184038cdb f6f230eaa11d
debug1: compat_banner: no match: conker_9184038cdb f6f230eaa11d
debug1: Authenticating to bitbucket.org:22 as 'git'
debug1: load_hostkeys: fopen ~/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: (no match)
Unable to negotiate with 2406:da00:ff00::22c3:9b0a port 22: no matching host key type found. Their offer: ssh-rsa,ssh-dss

But it works fine with the previous version. The agent is loaded in both cases.

Closed by Jonas Witschel (diabonas)
Monday, 27 September 2021, 15:48 GMT
Reason for closing: Not a bug
Additional comments about closing: Upstream has disabled the ssh-rsa algorithm (using SHA-1 signatures) by default, cf. https://www.openssh.com/txt/release-8.8 for an explanation and a possible workaround.
Comment by loqs (loqs) - Monday, 27 September 2021, 10:47 GMT
See the Potentially-incompatible changes section of https://www.openssh.com/txt/release-8.8 with respect to ssh-rsa; ssh-dss was not supported in the previous version either.
See also https://www.openssh.com/legacy.html
Comment by Joris Baum (jaudriga) - Monday, 27 September 2021, 11:06 GMT
(I just ran into the same issue today.) They recommend the following workaround in ~/.ssh/config:

Host bitbucket.org
HostkeyAlgorithms +ssh-rsa
PubkeyAcceptedAlgorithms +ssh-rsa
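The per-host scoping in that workaround is the important detail: inside a Host block, `+ssh-rsa` appends RSA/SHA-1 to the default algorithm list only for connections matching that host, while the same line under `Host *` re-enables it everywhere. The following is an added example, not code from this thread or from OpenSSH: it parses an ssh_config (the sample config is constructed) and reports every block that enables ssh-rsa, marking blocks that apply to all hosts as global.

```python
import re

# Constructed sample ~/.ssh/config: the scoped Bitbucket stopgap from the comment
# above, plus a "Host *" block that re-enables RSA/SHA-1 for every connection.
SAMPLE_CONFIG = """\
Host bitbucket.org
    HostkeyAlgorithms +ssh-rsa
    PubkeyAcceptedAlgorithms +ssh-rsa

Host *
    PubkeyAcceptedAlgorithms=+ssh-rsa
"""

# Option names are case-insensitive; PubkeyAcceptedKeyTypes is the pre-8.5 name.
ALGO_OPTIONS = {"hostkeyalgorithms", "pubkeyacceptedalgorithms", "pubkeyacceptedkeytypes"}


def parse_ssh_config(text):
    """Split ssh_config text into (host_pattern, {option: value}) blocks."""
    blocks, pattern, opts = [], "*", {}   # options before any Host line are global
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()              # drop comments and blanks
        if not line:
            continue
        parts = re.split(r"[ \t=]+", line, maxsplit=1)   # "Key Value" or "Key=Value"
        key, value = parts[0].lower(), (parts[1].strip() if len(parts) > 1 else "")
        if key == "host":
            if opts:
                blocks.append((pattern, opts))
            pattern, opts = value, {}
        else:
            opts[key] = value
    if opts:
        blocks.append((pattern, opts))
    return blocks


def sha1_stopgaps(text):
    """Return (host_pattern, option, scope) for each block that enables ssh-rsa.
    '+' appends to and '^' prepends to the defaults; a leading '-' removes."""
    findings = []
    for pattern, opts in parse_ssh_config(text):
        for opt, value in opts.items():
            if opt not in ALGO_OPTIONS or value.startswith("-"):
                continue
            algos = [a.strip().lower() for a in value.lstrip("+^").split(",")]
            if "ssh-rsa" in algos:
                scope = "global" if "*" in pattern.split() else "scoped"
                findings.append((pattern, opt, scope))
    return findings
```

On a live system, `ssh -G bitbucket.org` prints the options ssh would actually use for that host, which confirms whether the Host block matched.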
Comment by Igor Murzov (GArik) - Monday, 27 September 2021, 13:01 GMT
Thanks Joris. This solved my connection issues.
Looks like that's not a bug and the task should be closed. Maybe some warning message on the front page of archlinux.org would prevent people from reporting ssh connection issues as a bug...
Comment by Nils (Eka) - Monday, 27 September 2021, 15:14 GMT
Well indeed, it would be a good idea to warn users about it. Thanks Joris for the workaround. :)
Comment by Doug Elkin (duhdugg) - Monday, 27 September 2021, 15:33 GMT
From the release notes:

> We recommend enabling RSA/SHA1 only as a stopgap measure
> until legacy implementations can be upgraded or reconfigured
> with another key type (such as ECDSA or Ed25519).

Interestingly enough, new keys generated using `ssh-keygen` without the `-t` flag on this version are still generated using rsa. Can we have it default to ed25519 instead?