SSH from RHEL 9 to RHEL 6 systems or 3rd party application services does not work due to SHA1 being disabled
Issue
-
Trying to open a SSH session from Red Hat Enterprise Linux 9 (RHEL 9) client to Red Hat Enterprise Linux 6 (RHEL 6) OpenSSH server fails with the following error message:
ssh_dispatch_run_fatal: Connection to 1.2.3.4 port 22: error in libcrypto
or
Unable to negotiate with 1.2.3.4 port 22: no matching host key type found. Their offer: ssh-rsa
-
I use a 3rd party application service not providing strong algorithms but only SHA1-based algorithms, for example 3rd party GitBlit
Environment
-
Source system running Red Hat Enterprise Linux 9
- DEFAULT or better crypto policy
-
Target system
- running Red Hat Enterprise Linux 6
- openssh-server-5.3p1-124.el6_10.x86_64
or
- running a 3rd party application services
- GitBlit as of Dec. 21, 2023
- running Red Hat Enterprise Linux 6
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.