OpenSSH 8.2 has deprecated rsa-sha signatures in certificates. If you try to use an SSH Certificate to log in to a system upgraded to 8.2 that was previously working, you will get the error "ssh-rsa signature algorithm not supported" reported by SSHD. This can also happen with Host Certificates if the client SSH version is upgraded to 8.2.
Further reading on this here: https://ibug.io/blog/2020/04/ssh-8.2-rsa-ca/
In order to resolve this, a newer SHA256 or SHA512 hash is required. I found a way to request these newer hashes in the x/crypto/ssh/agent code, but it is hidden behind the unexported agentKeyringSigner struct without an exported Interface for the needed SignWithOpts.
There is a way to work around this by declaring a local Interface for SignWithOpts and casting the returned Signer to that Interface. I've implemented this approach here:
digitallumens/ssh-cert-authority@70baa54b27805103f3374c829fbc6900a563c87f
I don't think there would be an easier or cleaner way to do this without some changes made to x/crypto/ssh. If this looks reasonable, I can make a pull request.
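The workaround described above, sketched as an added example (not the code from the linked commit and not x/crypto/ssh itself). Signature, Signer, keyringSigner, formats, digest and Demo are hypothetical standard-library stand-ins, and the SignWithOpts parameter list is an assumption modeled on the method named in the post.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	_ "crypto/sha1" // link SHA-1 and SHA-256 so crypto.Hash.New works
	_ "crypto/sha256"
	"fmt"
	"io"
)

// Simplified stand-ins for the x/crypto/ssh types; keyringSigner plays the unexported agent signer.
type Signature struct{ Format string; Blob []byte }
type Signer interface{ Sign(r io.Reader, d []byte) (*Signature, error) }
type keyringSigner struct{ key *rsa.PrivateKey }
var formats = map[crypto.Hash]string{crypto.SHA1: "ssh-rsa", crypto.SHA256: "rsa-sha2-256"}
func digest(h crypto.Hash, d []byte) []byte { w := h.New(); w.Write(d); return w.Sum(nil) }
func (s *keyringSigner) Sign(r io.Reader, d []byte) (*Signature, error) { return s.SignWithOpts(r, d, crypto.SHA1) }
func (s *keyringSigner) SignWithOpts(r io.Reader, d []byte, o crypto.SignerOpts) (*Signature, error) {
	blob, err := rsa.SignPKCS1v15(r, s.key, o.HashFunc(), digest(o.HashFunc(), d))
	return &Signature{formats[o.HashFunc()], blob}, err
}

// optsSigner is the locally declared interface that reaches SignWithOpts.
type optsSigner interface {
	SignWithOpts(r io.Reader, d []byte, o crypto.SignerOpts) (*Signature, error)
}

// SignSHA256 asserts s to optsSigner; it errors rather than fall back to ssh-rsa.
func SignSHA256(s Signer, d []byte) (*Signature, error) {
	if o, ok := s.(optsSigner); ok {
		return o.SignWithOpts(rand.Reader, d, crypto.SHA256)
	}
	return nil, fmt.Errorf("signer %T cannot select a hash algorithm", s)
}

// Demo signs constructed bytes both ways and verifies the SHA-256 signature.
func Demo() (legacy, fixed string, verified bool) {
	key, err := rsa.GenerateKey(rand.Reader, 2048) // constructed throwaway key
	if err != nil {
		panic(err)
	}
	s, d := Signer(&keyringSigner{key}), []byte("constructed certificate bytes")
	old, errOld := s.Sign(rand.Reader, d)
	sig, errNew := SignSHA256(s, d)
	return old.Format, sig.Format, errOld == nil && errNew == nil &&
		rsa.VerifyPKCS1v15(&key.PublicKey, crypto.SHA256, digest(crypto.SHA256, d), sig.Blob) == nil
}
func main() { fmt.Println(Demo()) }
```

A wrapper that embeds only Signer hides SignWithOpts, so the type assertion fails and SignSHA256 returns an error instead of quietly producing an ssh-rsa signature.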