26 Dec
2020
26 Dec
'20
11:35 p.m.
On Sat, 26 Dec 2020 21:14:10 +0000 Jeremy Stanley <fungi@yuggoth.org> wrote:
debug1: send_pubkey_test: no mutual signature algorithm debug1: No more authentication methods to try.
You're basically on track with your assumptions. OpenSSH 8.4 (client included in Fedora 33) has deprecated[*] ssh-rsa authentication because it relies on SHA-1 hashes but Fedora decided[**] to go a step further and update their own crypto policy to just go ahead and break it completely. [*] https://www.openssh.com/releasenotes.html
Jeremy, thanks a lot. That's a piece of documentation that I didn't think to check. I was able to submit my review to Gerrit by allowing ssh-rsa with PubkeyAcceptedKeyTypes. -- Pete