Chapter 6. Configuring SSH to use RSA

SSH is used to clone Git repositories. By default, the DSA encryption algorithm is provided by Business Central. However, some SSH clients, for example SSH clients in the Fedora 23 environment, use the RSA algorithm instead of the DSA algorithm. Business Central contains a system property that you can use to switch from DSA to RSA if required.

Note

SSH clients on supported configurations, for example Red Hat Enterprise Linux 7, are not affected by this issue. For a list of supported configurations, see Red Hat Decision Manager 7 Supported Configurations.

Procedure

Complete one of the following tasks to enable this system property:

  • Modify the ~/.ssh/config file on client side as follows to force the SSH client to accept the deprecated DSA algorithm:

    Host <SERVER_IP>
           HostKeyAlgorithms +ssh-dss
  • Include the -Dorg.uberfire.nio.git.ssh.algorithm=RSA parameter when you start Decision Central, for example:

    $ ./standalone.sh -c standalone-full.xml
    -Dorg.uberfire.nio.git.ssh.algorithm=RSA