> On 10/31/2024 1:32 PM EDT Charlie Dennett <[email protected]> wrote:
>
>
>
>
>
> On Thu, Oct 31, 2024 at 10:48 AM Max Pyziur <[email protected]> wrote:
> > Greetings again,
[deleted for the sake of brevity]
> > /etc/ssh/ssh_config line 57: Bad key types
> > 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519'.
> > /etc/ssh/ssh_config line 58: Bad key types
> > 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519'.
> > /etc/ssh/ssh_config: terminating, 2 bad configuration options
> >
> > I know that this is an occasional occurrence post upgrade.
> >
> > Thank you for any and all advice.
>
> Just some guesswork here. On my system /etc/ssh/ssh_config includes other
> files (which includes other files). I found the list of key types listed in
> /etc/crypto-policies/back-ends/openssh.config (which is a sym link to
> /usr/share/crypto-policies/DEFAULT/openssh.txt). I'd check in that back-ends
> directory (and the DEFAULT directory the link points to) and see if there is
> a file ending in .rpmnew. Sometimes a package update will add that to a file
> name if the original file has been changed. If so, you can replace the file
> with the newer version.
>
> Also, those files come from:
>
> rpm -q --whatprovides /etc/crypto-policies/back-ends/openssh.config
> crypto-policies-20241010-1.git8baf557.fc41.noarch
>
> You can always try reinstalling that package.
> As I said, this is just some guesswork.
Indeed, there was a ssh_config.rpmnew file that was present. Doing an sdiff -s,
the following results show up:
root@Gryphon:/etc/ssh# sdiff -s -w 180 bak/ssh_config ssh_config
# $OpenBSD: ssh_config,v 1.35 2020/07/17 03:43:42 dtucker Exp $
| # $OpenBSD: ssh_config,v 1.36 2023/08/02 23:04:38 djm Exp $
# CheckHostIP yes
| # CheckHostIP no
<
HostKeyAlgorithms
ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-e <
PubkeyAcceptedKeyTypes
ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256, <
Backup the old ssh_config, push ssh_config.rpmnew to ssh_config, and things
work.
Thank you.
Max
> --
> Charlie
> --
> _______________________________________________
> users mailing list -- [email protected]
> To unsubscribe send an email to [email protected]
> Fedora Code of Conduct:
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
> https://lists.fedoraproject.org/archives/list/[email protected]
> Do not reply to spam, report it:
> https://pagure.io/fedora-infrastructure/new_issue
--
_______________________________________________
users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
