• Re: SSH no longer works with RSA keys.

    From A. Dumas@3:770/3 to Grant Taylor on Fri Jul 15 10:25:24 2022
    Grant Taylor <gtaylor@tnetconsulting.net> wrote:
    On 7/14/22 10:44 PM, A. Dumas wrote:
    SHA1 support can be re-enabled in /etc/ssh/ssh_config with
    "PubkeyAcceptedKeyTypes +ssh-rsa" and a reboot but it is indeed unsafe.

    You shouldn't need to reboot. You should be able to restart the SSH
    daemon independently, without a reboot.

    Well, of course, but if a user can't even google their problem and a
    possible solution, then restarting a service might also be too much to ask. Reboot is much easier and also works ¯\_(ツ)_/¯

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From A. Dumas@3:770/3 to Theo on Mon Jul 18 15:22:18 2022
    Theo <theom+news@chiark.greenend.org.uk> wrote:
    A. Dumas <alexandre@dumas.fr.invalid> wrote:
    Grant Taylor <gtaylor@tnetconsulting.net> wrote:
    On 7/14/22 10:44 PM, A. Dumas wrote:
    SHA1 support can be re-enabled in /etc/ssh/ssh_config with
    "PubkeyAcceptedKeyTypes +ssh-rsa" and a reboot but it is indeed unsafe. >>>
    You shouldn't need to reboot. You should be able to restart the SSH
    daemon independently, without a reboot.

    Well, of course, but if a user can't even google their problem and a
    possible solution, then restarting a service might also be too much to ask. >> Reboot is much easier and also works ¯\_(ツ)_/¯

    Maybe, although:

    sudo service ssh reload

    (or 'sudo service ssh restart')

    isn't hard. It's more complicated to edit the config file.

    You see, I would say force-reload, just to be sure (reloads if possible, otherwise restarts). But also, I am not sure if any other services depend
    on that config change. Probably not, but again, just to be sure... Is every service completely self-contained under systemd? I'm not an admin so I
    don't know. If I were behind the keyboard I would try to reload and test if
    it works. Ah well.

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From =?UTF-8?B?4LiZ4LmJ4Lit4LiH4LmD4Lir4@3:770/3 to All on Mon Oct 9 06:48:06 2023
    U1NIIG5vIGxvbmdlciB3b3JrcyB3aXRoIFJTQSBrZXlzLg0K4pyFIOC5gOC4guC5ieC4suC5gOC4 p+C5h+C4muC5hOC4i+C4leC5jA0KaHR0cHM6Ly9iaXQubHkvc2Nyc2I/NzhudGU9ZnJlZQ0KDQri nIUg4Liq4Lih4Lix4LiE4Lij4Liq4Lih4Liy4LiK4Li04LiBDQpodHRwczovL2JpdC5seS9zY3Jy Yj83OG50ZT1mcmVlDQoNCuKchSDguJXguLTguJTguJXguYjguK3guYDguKPguLINCmh0dHBzOi8v Yml0Lmx5L3NjcmxiPzc4bnRlPWZyZWUNCg0K4pyFIOC4o+C4seC4muC5guC4m+C4o+C5guC4oeC4 iuC4seC5iOC4mQ0KaHR0cHM6Ly9iaXQubHkvc2NycGI/NzhudGU9ZnJlZQ0KDQoNCg==

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)