I have upgraded a machine from Debian 9 to Debian 10 and now, when I'm connecting there using SSH, I'm getting the following warning:
agent key RSA SHA256:[hash] returned incorrect signature type
As I learned, the issue is that the SHA1 hashing algorithm for key signing is not supported anymore, the SSH server and the SSH client negotiated the SHA512 algorithm to be used instead but KeeAgent returned the signature made using the SHA1 anyway.
Would it be possible to implement key signing using SHA512, please?
Currently, it's not critical, it doesn't have any impact on the ability to successfully connect but it may be causing issues in the future.
dlech
commented
2 years ago
I have upgraded a machine from Debian 9 to Debian 10 and now, when I'm connecting there using SSH, I'm getting the following warning:
As I learned, the issue is that the SHA1 hashing algorithm for key signing is not supported anymore, the SSH server and the SSH client negotiated the SHA512 algorithm to be used instead but KeeAgent returned the signature made using the SHA1 anyway.
Would it be possible to implement key signing using SHA512, please?
Currently, it's not critical, it doesn't have any impact on the ability to successfully connect but it may be causing issues in the future.