fluxcd / flux

Successor: https://github.com/fluxcd/flux2
https://fluxcd.io
Apache License 2.0

Allow RSA signatures using SHA-1 hash algorithm #3614

Closed dimbleby closed 2 years ago

dimbleby commented 2 years ago

This was disabled by default in OpenSSH 8.8 but is still used by some Git implementations, e.g. Azure DevOps.

Fixes #3611

Per that issue, would welcome a release containing this fix - flux 1.25.0 is meanwhile not usable for us.

kingdonb commented 2 years ago

I will take your word for it that our images before 1.25.0 did not have this regression, and this is the correct fix. I have not been using either Azure DevOps or Google Code Repository so I haven't seen this behavior in any of my testing.

I think that SHA-1 was deprecated for a reason, but in Flux v1 there is a backwards compatibility guarantee; we should not have broken this. I think we should find a way with gitsrv to emulate the described SHA-1 signature behavior and reproduce the issue in a test, so that we can guarantee it does not reoccur in future updates. 👍 Thanks for the contribution @dimbleby!