Re: Who is the problem kid: Win10 or Fedora?

Fri, 14 Jul 2023 07:47:51 -0700 

On Fri, Jul 14, 2023 at 10:23 AM Walter H. via users
<users@lists.fedoraproject.org> wrote:
>
> I've got a Win10 box und a Fedora  VM
>
> both are latest updates / release [Win10 22H2 19045.3086 and Fedora 38]
>
> I was used to connect to the Fedora VM from the Win10 box
>
> - with the OpenSSH commands, that are nativly available in Windows
> - with WinSCP
> - or the ssh commands inside the WSL [Debian Distribution]
>
> some time ago I noticed that the used keys from the WSL don't work any more;
>
> I added this inside the Fedora in the sshd_config
>
> HostKeyAlgorithms +ssh-rsa
>
> PubkeyAcceptedKeyTypes ssh-rsa
>
> then the login using the keys from WSL were working again;
>
> but why didn't this help to login using the keys via the Win 10 OpenSSH
> commands;
>
> there I had to create new keys
>
> ssh-keygen -t ed25519
>
> and then to modify the above addings like this:
>
> HostKeyAlgorithms +ssh-rsa,ssh-ed25519
>
> PubkeyAcceptedKeyTypes ssh-rsa,ssh-ed25519
>
> the same with WinSCP, there I had to gernerate a new key, too;
>
> the used ssh-rsa keys are refused, even from WSL they work;
>
> a bit confusing/strange;

Personally, I would not worry too much about the key and algorithm
gyrations. The weaker keys are the DSA keys, and they were disabled by
default around OpenSSH 8.0, iirc.

With that said, I have ed25519, ecdsa and rsa keys. I keep rsa keypair
in case I get on an old system. My ssh config looks like:

$ cat ~/.ssh/config
Host *.fsffrance.org fsffrance.org
    User noloader
Host *.opencsw.org opencsw.org
    User jeff
Host *.home.pvt
    User jwalton
Host *
    User jwalton

IdentityFile ~/.ssh/id_ed25519
IdentityFile ~/.ssh/id_ecdsa
# IdentityFile ~/.ssh/id_dsa
IdentityFile ~/.ssh/id_rsa

Protocol 2
PreferredAuthentications publickey,password

I'm not sure about your other problems, like WinSCP. I don't use it.

Jeff
_______________________________________________
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Reply via email to