Failed connection with SSH servers and clients that do not support the 'server-sig-algs' extension

Solution Verified - Updated -

Issue

  • Red Hat Enterprise Linux 9 clients can’t connect to SSH servers that don’t support the server-sig-algs extension nor ECDSA hostkeys. (a, b)
  • Legacy SSH clients not supporting server-sig-algs extension can not connect to Red Hat Enterprise Linux 9 servers using RSA authentication keys (c, d)

a) The Red Hat Enterprise Linux 9 client connecting to Legacy server supporting only ssh-rsa signature algorithm with SHA1 and providing only RSA hostkey:

$ ssh user@example.com
The authenticity of host 'example.com (1.2.3.4)' can't be established.
RSA key fingerprint is SHA256:ycznxddL1KwSN1Wbih1 UDfPntj5pM1a/kpPKLGgPzEI.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'example.com' (RSA) to the list of known hosts.
ssh_dispatch_run_fatal: Connection to 5.6.7.8 port 22: error in libcrypto

b) The Red Hat Enterprise Linux 9 client connects to a Legacy server supporting only the ssh-rsa signature algorithm, but provides different hostkeys. The client tries to authenticate with RSA key:

$ ssh -vvv user@example.com
[...]
debug1: Next authentication method: publickey
debug1: Offering public key: /root/.ssh/id_rsa RSA SHA256:+z5NN8Z6RfNykL5l6Ht2Cbjj16xGp76TjILrQ4Cftqk
debug1: send_pubkey_test: no mutual signature algorithm
[...]
debug1: No more authentication methods to try.
user@example.com: Permission denied (publickey).

c) The Red Hat Enterprise Linux 9 server can not provide SHA1 signature for the connecting legacy clients (example RHEL6) that negotiate RSA hostkey verification:

$ ssh -vvv example.com
[...]
debug2: kex_parse_kexinit: ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-rsa,ssh-dss
[...]
debug2: kex_parse_kexinit: rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
[...]
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug2: mac_setup: found hmac-sha1
debug1: kex: client->server aes128-ctr hmac-sha1 none
no hostkey alg

d) The legacy client authenticates to Red Hat Enterprise Linux 9 using RSA authentication key.

$ ssh -vvv example.com
[...]
debug2: kex_parse_kexinit: hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96
[...]
debug2: kex_parse_kexinit: hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512
[...]
debug2: mac_setup: found hmac-sha1
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug2: mac_setup: found hmac-sha1
debug1: kex: client->server aes128-ctr hmac-sha1 none
no hostkey alg

Environment

  • Red Hat Enterprise Linux

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content