[infra] ssh authentication error with Gerrit

Pete Zaitcev zaitcev at redhat.com
Sat Dec 26 21:35:29 UTC 2020


On Sat, 26 Dec 2020 21:14:10 +0000
Jeremy Stanley <fungi at yuggoth.org> wrote:

> > debug1: send_pubkey_test: no mutual signature algorithm
> > debug1: No more authentication methods to try.  

> You're basically on track with your assumptions. OpenSSH 8.4 (client
> included in Fedora 33) has deprecated[*] ssh-rsa authentication
> because it relies on SHA-1 hashes but Fedora decided[**] to go a
> step further and update their own crypto policy to just go ahead and
> break it completely.
> [*] https://www.openssh.com/releasenotes.html

Jeremy, thanks a lot. That's a piece of documentation that I didn't
think to check. I was able to submit my review to Gerrit by allowing
ssh-rsa with PubkeyAcceptedKeyTypes.

-- Pete




More information about the openstack-discuss mailing list