Comment 6 for bug 1790963

Description of problem:
The OpenSSH server in RHEL7.6 does not send complete list of signature algorithms in SHA2 extension.

debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>

This causes failures if the client is on OpenSSH 7.8p1+ (Fedora 28+) and for some reason disabled the rsa-sha2-* public key algorithms with PubkeyAcceptedKeyTypes configuration option.

The correct list should look like this:

debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,null>

This does not affect any other key types at this moment.

Version-Release number of selected component (if applicable):
openssh-7.4p1-16

How reproducible:
specific configuration

Steps to Reproduce:
1. Install OpenSSH 7.8p1 (Fedora 28+)
2. Configure pubkey authentication using RSA key with remote server example.com
3. ssh -vvv -o PubkeyAcceptedKeyTypes=ssh-rsa example.com

Actual results:

debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:I1XXiJ/wkXC6Vn8ohZVHcJTCCKoPKm4mL8qtjtyNMhw /home/lslebodn/.ssh/id_rsa
debug1: send_pubkey_test: no mutual signature algorithm

Expected results:

The authentication should proceed using ssh-rsa algorithm.

Additional info:
This is a change in OpenSSH 7.8 that it is getting more strict about handling this extension. Unfortunately we carry broken version in RHEL7, which is not sending complete list of algorithms.

Workaround:
In client, list also the SHA2 extension algorithms:

PubkeyAcceptedKeyTypes rsa-sha2-256,rsa-sha2-512

If you need to adjust this list, rather use the + sign.

Thanks lslebodn for reporting this issue to me.