Hi, the following line in ~/.ssh/config did the trick:
PubkeyAcceptedAlgorithms +ssh-rsa This lets ssh -v report: debug1: Offering public key: /home/.../.ssh/id_rsa RSA SHA256:... debug1: Server accepts key: /home/.../.ssh/id_rsa RSA SHA256:... Authenticated to ... ([...]:22) using "publickey". and leads to a shell session on the Debian 8 machine. So the mere message debug1: Offering public key: /home/.../.ssh/id_rsa RSA SHA256:... does not mean that RSA would be acceptable on the client side. It would be nice if the refusal message would be somewhat clearer than debug1: send_pubkey_test: no mutual signature algorithm I wrote: > > The ssh-rsa key was generated by Debian 10. man ssh-keygen of buster > > says the default of option -b with RSA was 2048. > > (Does anybody know how to analyze a key file in regard to such > > parameters ?) Michael Kjörling wrote: > $ ssh-keygen -l -f $pubkeyfile Says "2048 SHA256:... ...@... (RSA)". (Now that i know the right option, i can suddenly see it in the man page.) Have a nice day :) Thomas