> On 10/31/2024 1:32 PM EDT Charlie Dennett <cdenn...@gmail.com> wrote:
> 
> 
> 
> 
> 
> On Thu, Oct 31, 2024 at 10:48 AM Max Pyziur <p...@brama.com> wrote:
> > Greetings again, 

[deleted for the sake of brevity]

> >  /etc/ssh/ssh_config line 57: Bad key types 
> > 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519'.
> >  /etc/ssh/ssh_config line 58: Bad key types 
> > 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519'.
> >  /etc/ssh/ssh_config: terminating, 2 bad configuration options
> >  
> >  I know that this is an occasional occurrence post upgrade. 
> >  
> >  Thank you for any and all advice.
> 
> Just some guesswork here. On my system /etc/ssh/ssh_config includes other 
> files (which includes other files). I found the list of key types listed in 
> /etc/crypto-policies/back-ends/openssh.config (which is a sym link to 
> /usr/share/crypto-policies/DEFAULT/openssh.txt). I'd check in that back-ends 
> directory (and the DEFAULT directory the link points to) and see if there is 
> a file ending in .rpmnew. Sometimes a package update will add that to a file 
> name if the original file has been changed. If so, you can replace the file 
> with the newer version.
> 
> Also, those files come from:
> 
> rpm -q --whatprovides /etc/crypto-policies/back-ends/openssh.config 
> crypto-policies-20241010-1.git8baf557.fc41.noarch
> 
> You can always try reinstalling that package.
> As I said, this is just some guesswork.

Indeed, there was a ssh_config.rpmnew file that was present. Doing an sdiff -s, 
the following results show up:
root@Gryphon:/etc/ssh# sdiff -s -w 180 bak/ssh_config ssh_config
#       $OpenBSD: ssh_config,v 1.35 2020/07/17 03:43:42 dtucker Exp $           
      | #       $OpenBSD: ssh_config,v 1.36 2023/08/02 23:04:38 djm Exp $
#   CheckHostIP yes                                                             
      | #   CheckHostIP no
                                                                                
      <
HostKeyAlgorithms 
ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-e <
PubkeyAcceptedKeyTypes 
ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256, <

Backup the old ssh_config, push ssh_config.rpmnew to ssh_config, and things 
work. 

Thank you.

Max



> --
> Charlie
> -- 
> _______________________________________________
> users mailing list -- users@lists.fedoraproject.org
> To unsubscribe send an email to users-le...@lists.fedoraproject.org
> Fedora Code of Conduct: 
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: 
> https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
> Do not reply to spam, report it: 
> https://pagure.io/fedora-infrastructure/new_issue
-- 
_______________________________________________
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Reply via email to