On Mon, 15 Jun 2020 at 16:52, Matt Johnston <m...@ucc.asn.au> wrote: > This release also supports rsa-sha2 signatures which will be > required by OpenSSH in the near future - rsa with sha1 will > be disabled. This doesn't require any change to > hostkey/authorized_keys files. >
Apologies if I'm being obtuse; with newer version of openssh client the new dropbear won't accept rsa keys: ssh -v root@172.22.232.152 -p 2222 OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017 [snip] debug1: Next authentication method: publickey debug1: Offering RSA public key: rsa-key-20180607 debug1: *Server accepts key: pkalg rsa-sha2-256 blen 277* Authentication failed. but with older versions it does: ssh -v root@172.22.232.152 -p 2222 OpenSSH_5.8p2, OpenSSL 0.9.8o 01 Jun 2010 [snip] debug1: Offering RSA public key: rsa-key-20180607 debug1: *Server accepts key: pkalg ssh-rsa blen 277* debug1: Authentication succeeded (publickey). Is there a config option I'm missing? Thanks Geoff
