[Bug 1211301] crypto-policies: Extend the crypto-policies support for mozilla-nss, openjdk, krb5, bind, stunnel, openssh, libssh and more packages
https://bugzilla.suse.com/show_bug.cgi?id=1211301

https://bugzilla.suse.com/show_bug.cgi?id=1211301#c34

Michal Suchanek <msuchanek@suse.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |msuchanek@suse.com

--- Comment #34 from Michal Suchanek <msuchanek@suse.com> ---
This breaks existing openssh setups.

It goes something like this:

On SLE11 a 1024bit RSA key is generated. Clients connect to the server and save the key as known.

Later SSH is upgraded and generates an ED25519 key.

However, clients who have seen the server before have the 1024bit RSA key, and will reject the server offering a 1024bit RSA key.

It's not clear if the clients don't save the additional keys once they have one or if they reject the server if any of the keys is weak even if strong keys are known.

Either way, this is a regression, clients can no longer connect, for no good reason.

--
You are receiving this mail because:
You are on the CC list for the bug.
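An added example, not part of the original comment or of any SUSE package: a known_hosts audit that lists hosts pinned with an RSA key below a minimum size and shows which other key types are pinned for the same host, which is the situation the comment describes. The 2048-bit threshold, the host names and the key blobs are assumptions constructed for illustration.

```python
import base64
import struct

def _string(data):  # RFC 4251 "string": uint32 length, then the bytes
    return struct.pack(">I", len(data)) + data

def _read(buf, off):
    (n,) = struct.unpack_from(">I", buf, off)
    if off + 4 + n > len(buf):
        raise ValueError("truncated key blob")
    return buf[off + 4:off + 4 + n], off + 4 + n

def rsa_bits(b64_blob):
    """Modulus size in bits of an ssh-rsa key blob; None for other key types."""
    blob = base64.b64decode(b64_blob)
    ktype, off = _read(blob, 0)
    if ktype != b"ssh-rsa":
        return None
    _exponent, off = _read(blob, off)
    modulus, _ = _read(blob, off)
    return int.from_bytes(modulus, "big").bit_length()

def audit(lines, min_bits=2048):  # min_bits is an assumed threshold
    """Hosts pinning an RSA key below min_bits -> weak sizes and other pinned key types."""
    hosts = {}
    for line in lines:
        fields = line.split()
        if fields and fields[0].startswith("@"):  # @cert-authority / @revoked marker
            fields = fields[1:]
        if len(fields) < 3 or fields[0].startswith("#"):
            continue
        bits = rsa_bits(fields[2])
        for host in fields[0].split(","):
            entry = hosts.setdefault(host, {"weak": [], "other": []})
            weak = bits is not None and bits < min_bits
            entry["weak" if weak else "other"].append(bits if weak else fields[1])
    return {h: e for h, e in hosts.items() if e["weak"]}

def sample_rsa(bits):  # constructed modulus of the given size, not a real key
    n = ((1 << (bits - 1)) | 1).to_bytes(bits // 8 + 1, "big")  # mpint leading 0x00
    return base64.b64encode(_string(b"ssh-rsa") + _string(b"\x01\x00\x01") + _string(n)).decode()

ED_BLOB = base64.b64encode(_string(b"ssh-ed25519") + _string(bytes(32))).decode()
SAMPLE = [  # constructed known_hosts lines with placeholder host names
    f"old.example.com ssh-rsa {sample_rsa(1024)}",
    f"mixed.example.com ssh-rsa {sample_rsa(1024)}",
    f"mixed.example.com ssh-ed25519 {ED_BLOB}",
    f"new.example.com ssh-rsa {sample_rsa(2048)} constructed-comment",
]
print(audit(SAMPLE))
```

Hosts reported with an empty "other" list have only the small RSA key pinned; hosts with both lists populated are the case where a stronger key is already known to the client.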