<div dir="ltr"><div dir="ltr"><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small"><span style="font-family:Arial,Helvetica,sans-serif">On Mon, 15 Jun 2020 at 16:52, Matt Johnston <<a href="mailto:matt@ucc.asn.au">matt@ucc.asn.au</a>> wrote:</span><br></div></div><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
This release also supports rsa-sha2 signatures which will be<br>
required by OpenSSH in the near future - rsa with sha1 will<br>
be disabled. This doesn't require any change to<br>
hostkey/authorized_keys files.<br></blockquote><div> </div><div><span class="gmail_default" style="font-size:small"><font face="arial, sans-serif">Apologies if I'm being obtuse; with newer version of openssh client the new dropbear won't accept rsa keys:</font></span></div><div><span class="gmail_default" style="font-family:verdana,sans-serif;font-size:small"><br></span></div><span class="gmail_default" style="font-family:verdana,sans-serif;font-size:small"></span><font face="monospace">ssh -v <a href="mailto:root@172.22.232.152">root@172.22.232.152</a> -p 2222<br>OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017<br><span class="gmail_default" style="font-size:small">[snip]</span></font></div><div class="gmail_quote"><font face="monospace">debug1: Next authentication method: publickey<br><span class="gmail_default" style="font-size:small"></span>debug1: Offering RSA public key: rsa-key-20180607<br>debug1: <b><span class="gmail_default" style="font-family:verdana,sans-serif;font-size:small"></span>Server accepts key: pkalg rsa-sha2-256 blen 277</b><br></font><div><font face="monospace"><span class="gmail_default" style="font-size:small"></span>Authentication failed.</font></div><div><font face="monospace"><br></font></div><div><div class="gmail_default" style="font-size:small"><font face="monospace"></font><font face="arial, sans-serif">but with older versions it does:</font></div><font face="monospace"><br></font></div><div><div class="gmail_default" style="font-size:small"><font face="monospace">ssh -v <a href="mailto:root@172.22.232.152">root@172.22.232.152</a> -p 2222<br>OpenSSH_5.8p2, OpenSSL 0.9.8o 01 Jun 2010<br></font></div><div class="gmail_default" style="font-size:small"><font face="monospace">[snip]</font></div><div class="gmail_default" style="font-size:small"><font face="monospace">debug1: Offering RSA public key: rsa-key-20180607<br>debug1: <b>Server accepts key: pkalg ssh-rsa blen 277</b><br>debug1: Authentication succeeded (publickey).</font><br></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small"></div><div class="gmail_default" style="font-size:small"><font face="arial, sans-serif">Is there a config option I'm missing?</font></div><div class="gmail_default" style="font-size:small"><font face="arial, sans-serif"><br></font></div><div class="gmail_default" style="font-size:small"><font face="arial, sans-serif">Thanks</font></div><div class="gmail_default" style="font-size:small"><font face="arial, sans-serif"><br></font></div><div class="gmail_default" style="font-size:small"><font face="arial, sans-serif">Geoff</font></div><br></div></div></div>