
Re: Bug#1032907: GnuPG ssh-agent emulation smartcard issues when connecting to server running newer OpenSSH



On 2023-04-06, John Scott wrote:
> It seems bugs #998728, 1008573, and #1032907 are all the same. Perhaps
> the maintainers would like to merge them.
>
> Thanks for your workaround, Vagrant; I found that adding
> 	KexAlgorithms -sntrup761x25519-sha512@openssh.com
> to my ~/.ssh/config allows me to connect to a Bookworm machine, from
> Bookworm, and also to hosts running a newer OpenSSH daemon.

With the recent update of openssh in bookworm (1:9.2p1-2+deb12u4) this
no longer seems a sufficient workaround; I can no longer ssh in to
machines running this version of openssh.

My hunch is the problem was introduced in a new and exciting way with:

  https://bugs.debian.org/1088873
  openssh: please add sntrup761x25519-sha512 as an alias to sntrup761x25519-sha512@openssh.com in 9.2/Bookworm

Specifying both in ~/.ssh/config does not work around the issue for me:

  KexAlgorithms -sntrup761x25519-sha512@openssh.com,-sntrup761x25519-sha512


live well,
  vagrant
