Re: ssh on FreeBSD 14.3 won't talk to older hosts
- In reply to: Christian Weisgerber : "Re: ssh on FreeBSD 14.3 won't talk to older hosts"
Date: Fri, 29 Aug 2025 12:36:23 UTC
On 20/08/2025 15:31, Christian Weisgerber wrote:
> Frank Leonhardt:
>
>> Add the following:
>>
>> HostKeyAlgorithms=+ssh-dss
>> PubkeyAcceptedKeyTypes +ssh-rsa
>> Protocol 2,1
>>
>> I have all three but they may not all be needed in all circumstances, and
>> having protocol 1 isn't something you want to enable unless you're aware of
>> the risks.
> That's cute if "Protocol 2,1" is still accepted for compatibility,
> but there is no risk. The actual protocol 1 code has been summarily
> deleted from OpenSSH as of release 7.6 (Oct 2017).
>
>> This is IN SPITE of OpenSSH ssh-keygen still generating RSA by default, so
> Actually, that has been Ed25519 since OpenSSH 9.5 (Oct 2023)... but the
> FreeBSD -stable branches haven't picked up that change.
>
>> the default key type it creates it won't use without this hack. Unless I'm
>> missing something.
> There is a difference between a _key type_ and a _public key algorithm_.
> Admittedly, those are the same for all other key types except for RSA,
> where there are three algorithms that can all use the same RSA keys:
> * ssh-rsa
> * rsa-sha2-256
> * rsa-sha2-512
>
> The difference is that those use the SHA-1, SHA-256, and SHA-512
> hashes, respectively. SHA-1 is obsolete and no longer considered
> secure, so the "ssh-rsa" _algorithm_ has been disabled by default.
> You can still use the same "ssh-rsa" _keys_ with rsa-sha2-256 or
> rsa-sha2-512.

Ah, thanks. Good background, and I didn't know a lot of that.

Even if Ed25519 has been the default since OpenSSH, it's a bit much to refuse anything else two years after the change! I'd say refuse it five years AFTER the default was changed.

Regards, Frank.
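The key-type versus public-key-algorithm distinction explained in the quoted reply, as an added Python example that is not part of the thread or of OpenSSH: it builds an OpenSSH RSA public-key line, wraps a signature in the SSH signature blob format, and applies an allow-list in the spirit of PubkeyAcceptedKeyTypes. The key numbers and signature bytes are constructed placeholders, and DEFAULT_ACCEPTED is an assumed allow-list modelled on a modern OpenSSH default, not copied from any release.

```python
import base64
import struct

# Hash used by each RSA signature algorithm (RFC 8332). All three are used
# with keys whose blob type is "ssh-rsa": same key, different algorithm.
RSA_SIG_ALGS = {"ssh-rsa": "sha1", "rsa-sha2-256": "sha256", "rsa-sha2-512": "sha512"}
# Assumed allow-list: the SHA-1 "ssh-rsa" algorithm is off, rsa-sha2-* stay on.
DEFAULT_ACCEPTED = frozenset({"ssh-ed25519", "rsa-sha2-512", "rsa-sha2-256"})


def ssh_string(data: bytes) -> bytes:
    """Encode an SSH 'string' (RFC 4251): uint32 big-endian length, then bytes."""
    return struct.pack(">I", len(data)) + data


def ssh_mpint(n: int) -> bytes:
    """Encode a non-negative SSH 'mpint'; a leading 0x00 keeps the value positive."""
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    if raw and raw[0] & 0x80:
        raw = b"\x00" + raw
    return ssh_string(raw)


def read_string(buf: bytes, off: int = 0) -> tuple[bytes, int]:
    """Decode one SSH 'string' at offset, returning (bytes, next offset)."""
    (n,) = struct.unpack_from(">I", buf, off)
    return buf[off + 4:off + 4 + n], off + 4 + n


def rsa_pubkey_line(e: int, n: int, comment: str) -> str:
    """Build an authorized_keys-style line; the blob's first field is the key type."""
    blob = ssh_string(b"ssh-rsa") + ssh_mpint(e) + ssh_mpint(n)
    return f"ssh-rsa {base64.b64encode(blob).decode()} {comment}"


def key_type(line: str) -> str:
    """Key type as recorded inside the base64 blob, not just the leading word."""
    return read_string(base64.b64decode(line.split()[1]))[0].decode()


def signature_blob(alg: str, sig: bytes) -> bytes:
    """SSH signature wire format: string algorithm-name, string signature bytes."""
    return ssh_string(alg.encode()) + ssh_string(sig)


def signature_alg(blob: bytes) -> str:
    return read_string(blob)[0].decode()


def accepted(line: str, sig: bytes, allowed=DEFAULT_ACCEPTED) -> bool:
    """Policy check: signature algorithm must be allowed and match the key's type."""
    alg = signature_alg(sig)
    if alg not in allowed:
        return False
    expected_type = "ssh-rsa" if alg in RSA_SIG_ALGS else alg
    return key_type(line) == expected_type
```

With the default allow-list an ssh-rsa key still authenticates via rsa-sha2-256 or rsa-sha2-512, and only the SHA-1 "ssh-rsa" signature algorithm is refused; adding "ssh-rsa" to the allow-list is the equivalent of the "+ssh-rsa" config hack.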