Deprecated sshd configurations when upgrading to ubuntu 20.04

Question

Deprecated sshd configurations when upgrading to ubuntu 20.04

cegerhardson opened this issue 2 years ago · 1 comments

While working on upgrading our salt configurations for ubuntu 20.04, I noticed these outputs in the logs from sshd:

Jul 12 12:58:40 salt-master.vagrant.psf.io sshd[1220613]: rexec line 65: Deprecated option UseLogin
Jul 12 12:58:40 salt-master.vagrant.psf.io sshd[1220613]: rexec line 66: Deprecated option UsePrivilegeSeparation
Jul 12 12:58:40 salt-master.vagrant.psf.io sshd[1220613]: rexec line 80: Deprecated option RhostsRSAAuthentication
Jul 12 12:58:40 salt-master.vagrant.psf.io sshd[1220613]: Connection from 172.17.0.1 port 60496 on 172.17.0.2 port 22 rdomain ""
Jul 12 12:58:40 salt-master.vagrant.psf.io sshd[1220613]: reprocess config line 80: Deprecated option RhostsRSAAuthentication

I'm not sure what the best approach is, opening this issue to decide how to address this in our configuration.

Answer 1 · 2023-01-23T18:46:24.000Z

It seems that with the upgrade of Ubuntu 20.04, openssh is now operating as version 8.2. This release "removes the "ssh-rsa" (RSA/SHA1) algorithm," as noted here, explaining our deprecated configurations.

A possible avenue to consider addressing this in our configuration is to manually enable UpdateHostKeys, as pointed out here