interestingly, paramiko is also broken when connecting to older servers,
but not for the same reason as this bug. See bug 1973241
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1961833
Title:
For reference to anyone coming here with this problem, when connecting
to a remote sshd server you can find what host key algorithms the remote
host uses by using -vv and check the debug output; look first for the
*peer* server KEXINIT proposal (not the earlier *local client* KEXINIT
proposal):
We generally expect programs to print a depreciation notice to stderr
and not just hide them in release notes, that we, as downstream users
don't read :)
If it doesn't warn during use, it's not properly deprecated.
--
You received this bug notification because you are a member of Ubuntu
Bugs,
Also, regarding the "without a deprecation notice" claim, this has been
advertised under "Future deprecation notice" in the OpenSSH release
notes since 8.2.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
No, I'm not going to undo this. IS shouldn't be running a pre-xenial
OpenSSH on xenial machines in the first place, and it's good to fix
that; and anything older than that is well out of support anyway.
** Changed in: openssh (Ubuntu)
Status: New => Won't Fix
--
You received this bug
** Tags added: rls-jj-incoming
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1961833
Title:
openssh 8.8 breaks login to Canonical servers
To manage notifications about this bug go to:
Question we have to ask: Is breaking support for old servers without a
deprecation notice in the LTS release the best cause of action?
** Summary changed:
- openssh 8.8 breaks login to canonical servers
+ openssh 8.8 breaks login to Canonical servers
--
You received this bug notification
It says
Incompatibility is more likely when connecting to older SSH
implementations that have not been upgraded or have not closely tracked
improvements in the SSH protocol. For these cases, it may be necessary
to selectively re-enable RSA/SHA1 to allow connection and/or user
authentication via