On 2024-06-21 23:24, Rick Smegal via openSUSE Users wrote:
Solved! ssh-rsa algorithm for public key authentication (using SHA1 hash) has been deprecated (https://levelup.gitconnected.com/demystifying-ssh-rsa-in-openssh-deprecation...) and is excluded from the general crypto policies of Leap_15.6 (/usr/share/crypto-policies/DEFAULT/openssh.txt).
The clue using ssh -vv were the lines: debug1: send_pubkey_test: no mutual signature algorithm debug2: we did not send a packet, disable method
The fix was to add: HostKeyAlgorithms +ssh-rsa PubkeyAcceptedAlgorithms=+ssh-rsa
to the user configuration (~/.ssh/config) related to particular host servers and remove them for all other host servers with:
# Disable SSH forwarding on all other machines # remove public key algorithm ssh-rsa since it is deprecated Host * ForwardAgent no HostKeyAlgorithms -ssh-rsa PubkeyAcceptedAlgorithms= -ssh-rsa
That's a very interesting solution, thanks for sharing! :-) -- Cheers / Saludos, Carlos E. R. (from 15.5 x86_64 at Telcontar)