[Bug 1871465] Re: ssh_config(5) contains outdated information
Launchpad Bug Tracker
1871465 at bugs.launchpad.net
Tue Jul 26 20:25:34 UTC 2022
** Merge proposal linked:
https://code.launchpad.net/~michal-maloszewski99/ubuntu/+source/openssh/+git/openssh/+merge/427460
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1871465
Title:
ssh_config(5) contains outdated information
Status in openssh package in Ubuntu:
Fix Released
Status in openssh source package in Focal:
Triaged
Status in openssh source package in Hirsute:
Won't Fix
Status in openssh source package in Impish:
Won't Fix
Bug description:
The release of OpenSSH 8.2 has removed `ssh-rsa` from the default list
of CACertificateAlgorithms. However the latest `openssh-client` still
ships the man page for ssh_config(5) that contains the following
description:
CASignatureAlgorithms
Specifies which algorithms are allowed for signing of certificates
by certificate authorities (CAs). The default is:
ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
ssh(1) will not accept host certificates signed using algorithms
other than those specified.
As far as I am concerned, `ssh-rsa` should be dropped from the list so
as to match the behavior of ssh(1).
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1871465/+subscriptions
More information about the foundations-bugs
mailing list