On Thu, Oct 31, 2024 at 7:40 PM Max Pyziur <p...@brama.com> wrote: > > > On 10/31/2024 1:32 PM EDT Charlie Dennett <cdenn...@gmail.com> wrote: > > > > > /etc/ssh/ssh_config line 57: Bad key types > > > 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519'. > > > /etc/ssh/ssh_config line 58: Bad key types > > > 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519'. > > > /etc/ssh/ssh_config: terminating, 2 bad configuration options > > > > > > I know that this is an occasional occurrence post upgrade. > > > > > > Thank you for any and all advice. > > > > Just some guesswork here. On my system /etc/ssh/ssh_config includes other > > files (which includes other files). I found the list of key types listed in > > /etc/crypto-policies/back-ends/openssh.config (which is a sym link to > > /usr/share/crypto-policies/DEFAULT/openssh.txt). I'd check in that > > back-ends directory (and the DEFAULT directory the link points to) and see > > if there is a file ending in .rpmnew. Sometimes a package update will add > > that to a file name if the original file has been changed. If so, you can > > replace the file with the newer version. > > > > Also, those files come from: > > > > rpm -q --whatprovides /etc/crypto-policies/back-ends/openssh.config > > crypto-policies-20241010-1.git8baf557.fc41.noarch > > > > You can always try reinstalling that package. > > As I said, this is just some guesswork. > > Indeed, there was a ssh_config.rpmnew file that was present. Doing an sdiff > -s, the following results show up: > root@Gryphon:/etc/ssh# sdiff -s -w 180 bak/ssh_config ssh_config > # $OpenBSD: ssh_config,v 1.35 2020/07/17 03:43:42 dtucker Exp $ > | # $OpenBSD: ssh_config,v 1.36 2023/08/02 23:04:38 djm Exp $ > # CheckHostIP yes > | # CheckHostIP no > > < > HostKeyAlgorithms > ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-e < > PubkeyAcceptedKeyTypes > ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256, <
You might consider using `rpmconf -a` in the future.[1] And the other post-upgrade tasks are helpful, too. > Backup the old ssh_config, push ssh_config.rpmnew to ssh_config, and things > work. [1] <https://docs.fedoraproject.org/en-US/quick-docs/upgrading-fedora-offline/#sect-update-system-configuration-files> Jeff -- _______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
