openssh update broke connectivity

Jude DaShiell jdashiel at panix.com
Wed Aug 19 10:57:06 UTC 2015 

Okay, I wrote the admin and they're going to update their host keys 
soon.  I don't think they were immediately aware what changes openssh 
7.0p1 would bring.

On Wed, 19 Aug 2015, Tony Baechler wrote:

> Date: Wed, 19 Aug 2015 05:42:36
> From: Tony Baechler <tony at baechler.net>
> Reply-To: Linux for blind general discussion <blinux-list at redhat.com>
> To: Linux for blind general discussion <blinux-list at redhat.com>
> Subject: Re: openssh update broke connectivity
> 
> No, GPG isn't necessary and GPG keys are entirely different.  As Sam already 
> said, generating new keys is probably not going to help.  The only thing you 
> can do is try to re-enable those cyphers in ssh_config or write to them 
> explaining the problem.  I thought I read in the release notes that the man 
> pages were updated, but I haven't upgraded here yet, partially for that very 
> reason.  If you temporarily delete your public and private keys in .ssh on 
> the remote system, does it ask you for a password?  If not, generating new 
> keys is a waste of time.  The ssh public key has a .pub extension and is the 
> key you give out to any remote system where you wish to connect.  The private 
> key is the key you don't give out to anyone and should only be on your local 
> system.
>
> On 8/18/2015 7:51 AM, Jude DaShiell wrote:
>>> From what I read in the release notes on openssh.com, dsa and rsa and a
>> whole bunch of other ciphers were depricated.  The ssh-keygen program and
>> man page both need updating to reflect these changes.  In the past, I had
>> generated a key set then copied the key up using ssh-copy-id and I was able
>> to log in after that with ssh.  One thing I don't quite understand in the
>> release notes is a public key (my guess is generated by gnupg) will be
>> needed to use openssh at all.  I hope not since gpg is its own drum of 
>> worms
>> and it wasn't explained how to integrate the keys in those release notes
>> either unless I heard the explanation and didn't understand it.
>> 
>
> _______________________________________________
> Blinux-list mailing list
> Blinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/blinux-list
>

--

More information about the Blinux-list mailing list