SSH public key auth broken with Fedora 33
New crypto settings in Fedora 33 breaks current public key authentication:
The proposed fix for now is:
sudo update-crypto-policies --set LEGACY
- Status changed from New to Feedback
I re-entered my public key and all worked well as it did before after an upgrade. Also, before re-entering my public key it also worked.
That said, my HDA is an F33 system that comes from a string of OS upgrades, so it's not a clean install.
We'd have to test with a clean install. I do suspect that it may not affect us much.
For one thing, it's mostly about connecting to "legacy (TLS1.0, TLS1.1) servers" which we do not directly support. Users can add a cert, etc., but it may just mean that newer stacks are requires and most browsers have them, so it may not impact a lot.
The other thing is ssh access. In general, we have been using newer or more advanced "curves" for sshd in the Amahi servers that provide online services for Amahi users and it has not been a real problem.
That said, we have to check on a clean install, especially if we want to support Let's Encrypt certs, which, now that they support wildcard certs, is much easier than a little while ago.
Also available in: Atom