-
Notifications
You must be signed in to change notification settings - Fork 67
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ssh host key issue #352
Comments
Can you see if the following fixes your issue? I'm assuming this linux update disables ssh-rsa keys on the client. ssh -oHostKeyAlgorithms=+ssh-rsa -p 2222 root@w6bi-vc-siminorth-5g |
Yes, that works. I believe they've begun deprecating ssh-rsa keys in the Linux distros. If we don't update the AREDN code with newer keys, I suspect we'll be getting more and more complaints about this. |
Given the work around, do we close this issue? It's not a defect, rather a future encryption method the firmware does not yet support. Alternatively, we turn this into an enhancement request at the cost of increasing binary size by about 23 kB: To compile dropbear with the ''DROPBEAR_ECC'' option in menuconfig if you want ECDSA support and document enable admins to generate a key that is the default support in some linux destros. From ''package/network/services/dropbear/Config.in'': config DROPBEAR_ECC bool "Elliptic curve cryptography (ECC)" default n help Enables elliptic curve cryptography (ECC) support in key exchange and public key authentication.
|
I think we should add it the build |
I'd like that, obviously. |
I second this feature enhancement for the Dropbear ssh server in the AREDN firmware. The included SSH client in modern operating systems has deprecated RSA-style keys for some time now. |
After updating my Kubuntu Linux workstation to version 22.04, no longer able to ssh to AREDN nodes. This error is received:
obeach@w6bi-house-pc:~$ ssh -p 2222 root@w6bi-vc-siminorth-5g
Unable to negotiate with 10.14.20.232 port 2222: no matching host key type found. Their offer: ssh-rsa
The text was updated successfully, but these errors were encountered: