Connecting to OpenSSH w/ OpenSSL-1.1.1d: Unknown key type rsa-sha2-512

[mgorny]

Bug description

Upon attempting to connect to my home computer, I get the following error:

Key exchange was not finished, connection is closed.
The server hostkey was not accepted by the verifier callback.
Unknown key type rsa-sha2-512

Steps to reproduce

I have just added the host and choose the connect. I'm sorry but the machine's on local network without public IP address or full-time connectivity.

Expected behavior

I expected it to connect just fine ;-).

Android device

• Device: Motorola MotoG6
• OS: Android 9 PPSS29.55-37-4-3
• TermBot Version: 1.9.5-77-08fcc7c-termbot

Server information

• OS: Gentoo Linux
• SSH Software and Version: OpenSSH_8.0p1-sctp-1.2, OpenSSL 1.1.1d 10 Sep 2019
• Pubkeys used (if applicable): apparently it uses RSA server key, it didn't get to client key

Additional context

Downgrading OpenSSL to 1.1.1c resolves the problem.

[mgorny]

Reported on Gentoo end, in case it was bug in OpenSSL: https://bugs.gentoo.org/694984

[antonpiatek]

I get the same issue - using instructions from https://bugs.gentoo.org/694984 to block 4x rsa2 algorithms allows it to work HostKeyAlgorithms -rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-512 but as mentioned in the gentoo bug it should not be required for the server not to advertise a supported algorithm, the client should simply ignore ones it does not want to use

[hagau]

This is fixed in connectbot/sshlib@e6a49c5. Unfortunately, that commit has not made it into a release of sshlib yet.

[nmz787]

I switched to termbot and it works out of the box.

[dschuermann]

AFAIK this should be fixed.