3

I recently updated a Ubuntu system, and then discovered that the SSH functionality I was employing was no longer supported in the updated version.

How do I revert the sshd.service to the previous release?

(Yes, I do understand that the older sushi needs updated, and that will happen as well)

I tried the work around with the following additions on the /etc/ssh/ssh_config on the client:

HostKeyAlgorithms +ssh-rsa
PubkeyAcceptedKeyTypes +ssh-rsa

But I still see:

debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering public key: /home/its_demo2/.ssh/id_rsa.pub RSA SHA256:Ml5N2i3iOCN04zqjnpT1y7dQvKOQZT9zsOT5GPE5KFk explicit
debug1: send_pubkey_test: no mutual signature algorithm
debug2: we did not send a packet, disable method
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug1: Authentications that can continue: publickey,password,keyboard-interactive
Artur Meinild
  • 21,605
  • 21
  • 56
  • 89
LinuxDad
  • 31
  • 1
  • 4
  • 1
    Does this answer your question? [SSH without password does not work after upgrading from 18.04 to 22.04](https://askubuntu.com/questions/1404049/ssh-without-password-does-not-work-after-upgrading-from-18-04-to-22-04) – Artur Meinild Jun 09 '22 at 11:29
  • Also see [this question](https://askubuntu.com/questions/1408000/unable-to-locate-package-libssl1-1/) on why it might *not* be a good idea to downgrade system security packages and libraries in general. – Artur Meinild Jun 09 '22 at 11:34
  • Did you change the `/etc/ssh/ssh_config` file on the client side? – Artur Meinild Jun 09 '22 at 13:21
  • 1
    Yes I did but I still get debug1: send_pubkey_test: no mutual signature algorithm – LinuxDad Jun 09 '22 at 13:35
  • Ok, I hope someone else can chime in then. – Artur Meinild Jun 09 '22 at 13:38
  • Thanks fr trying Arthur. – LinuxDad Jun 09 '22 at 13:39
  • Oh maybe I misread your question. Could you try [this solution instead](https://askubuntu.com/a/1409528/1066942)? (Generate a new keypair with a more modern cipher, if this is an option?) – Artur Meinild Jun 09 '22 at 13:49
  • How do I mark this as solved? – LinuxDad Jun 09 '22 at 19:30
  • You write up an answer detailing what you did to make it work. – Artur Meinild Jun 09 '22 at 21:24
  • Does this answer your question? [Ubuntu 22.04 SSH the RSA key isn't working since upgrading from 20.04](https://askubuntu.com/questions/1409105/ubuntu-22-04-ssh-the-rsa-key-isnt-working-since-upgrading-from-20-04) – user68186 Oct 03 '22 at 15:12

1 Answers1

4

I had a problem connecting to older devices, and I made it work in Ubuntu 22.04 with OpenSSH 8.9 / OpenSSL 3.0.2 by adding the following lines in the Host section of /etc/ssh/ssh_config on the client side:

HostKeyAlgorithms +ssh-rsa
PubkeyAcceptedKeyTypes +ssh-rsa

This will restore functionality of the legacy RSA SHA-1 hash algorithm for the SSH client.

Note of caution: Be aware that this will potentially make connections less secure (but still to the level of Ubuntu 20.04).

Artur Meinild
  • 21,605
  • 21
  • 56
  • 89