puppetlabs/bolt

RSA using SHA1

cummingscody opened this issue · 9 comments

Describe the Bug

Bolt run from RHEL6->RHEL9 with RSA key errors out when using net-ssh

all authorization methods failed (tried none, publickey, password)
"target":"cilv6s015","action":"command","object":null,"status":"failure","value":"_error":"details":,"kind":"puppetlabs.tasks/connect-error","msg":"Authentication failed for user root@cilv6s015","issue_code":"AUTH_ERROR"
Failed on cilv6s015:
  Authentication failed for user root@cilv6s015

Expected Behavior

Should be able to connect and run commands without native-ssh: true

Steps to Reproduce

Steps to reproduce the behavior:

  • Populate inventory.yaml
    Include RSA under private-key ( private-key: ~/.ssh/id_rsa_bolt )

Environment

  • Version 3.23.0
  • RH6->RH9

Additional Context

Quick inspection looks like net-ssh < 7 doesn't allow for SHA2 with RSA keys.

@cummingscody Unfortunately Bolt is limited to whatever algorithms are supported in net-ssh. Deprecated algorithms are disabled by default, though you can enable them with the ssh.*-algorithms config options listed here. Have you tried setting those?
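As an added illustration of the algorithm mismatch discussed above (not code from Bolt, net-ssh or any commenter): this Ruby sketch reads the text of `sshd -T` from the target and reports whether a client that can only sign RSA authentication with `ssh-rsa` (SHA-1), which is what the issue reports for net-ssh < 7, shares any RSA signature algorithm with the server. The sample outputs are constructed and the function and constant names are hypothetical.

```ruby
# Added example; not Bolt or net-ssh code. Names are hypothetical.

# Signature algorithm names an SSH client may use with an RSA key.
RSA_SIG_ALGS = %w[ssh-rsa rsa-sha2-256 rsa-sha2-512].freeze

# Assumption from the issue text: net-ssh < 7 only signs with ssh-rsa (SHA-1).
LEGACY_CLIENT = %w[ssh-rsa].freeze
MODERN_CLIENT = RSA_SIG_ALGS

# Constructed samples of `sshd -T` output (the server's effective config).
SHA1_DISABLED = <<~CFG
  port 22
  pubkeyauthentication yes
  pubkeyacceptedalgorithms ssh-ed25519,ecdsa-sha2-nistp256,rsa-sha2-256,rsa-sha2-512
CFG
SHA1_ALLOWED = <<~CFG
  port 22
  pubkeyacceptedkeytypes ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512
CFG

# Extract the public-key algorithms the server accepts for user authentication.
# OpenSSH 8.5 renamed PubkeyAcceptedKeyTypes to PubkeyAcceptedAlgorithms,
# so both spellings are recognised.
def accepted_pubkey_algs(sshd_t_output)
  line = sshd_t_output.each_line.find do |l|
    l =~ /\A\s*pubkeyaccepted(algorithms|keytypes)\s/i
  end
  raise ArgumentError, 'no PubkeyAccepted* line in input' unless line

  line.strip.split(/\s+/, 2).last.split(',')
end

# Classify RSA public-key authentication between this client and server.
def rsa_auth_verdict(sshd_t_output, client_algs)
  usable = accepted_pubkey_algs(sshd_t_output) & client_algs & RSA_SIG_ALGS
  return :no_common_rsa_algorithm if usable.empty?
  return :sha1_only if usable == ['ssh-rsa']

  :sha2_available
end

if __FILE__ == $PROGRAM_NAME
  puts rsa_auth_verdict(SHA1_DISABLED, LEGACY_CLIENT)
  puts rsa_auth_verdict(SHA1_DISABLED, MODERN_CLIENT)
end
```

A `:no_common_rsa_algorithm` result matches the "all authorization methods failed" symptom in the report, while `:sha1_only` means the login works only because the server still accepts SHA-1 signatures.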

This issue has not had activity for 60 days and will be marked as stale.
If this issue continues to have no activity for 7 days, it will be closed.

silug commented

This is related to #3121.

silug commented

This is still an issue.

I still think this is a valid issue and the bot is absolutely useless and just creates a burden on the contributor side.