Skip to content

Re-allow RSA host keys with SSH#24

Merged
Burnett01 merged 1 commit intoBurnett01:release/5.3from
jasongill:patch-1
Mar 24, 2022
Merged

Re-allow RSA host keys with SSH#24
Burnett01 merged 1 commit intoBurnett01:release/5.3from
jasongill:patch-1

Conversation

@jasongill
Copy link
Contributor

@jasongill jasongill commented Mar 2, 2022

RSA host keys are disabled by default on OpenSSH 8.8+ which is used by the base Alpine image, but many servers still use RSA host keys. See https://www.openssh.com/txt/release-8.8 under "Potentially-incompatible changes".

Obviously the ideal solution would be to upgrade OpenSSH on the destination servers, but that's not always feasible, so to allow this Github Action to work with older SSH servers, this pull requests adds the required ssh command line options to re-enable support for SSH host keys.

If you are using an up-to-date SSH server version, the option is ignored so this doesn't weaken security for anyone who is using a more secure server version.

Due to the way the entrypoint.sh script is written, I don't know that there's any better way to set these SSH command line options - you cannot override the "-e" option on the rsync command line using the "switches" variable as it gets overwritten after the switches are specified.

@jasongill
Allow RSA host keys
c7baefd 
RSA host keys are disabled by default on OpenSSH 8.8+ which is used by the base Alpine image, but many servers still use RSA host keys
@Burnett01
Copy link
Owner

Burnett01 commented Mar 9, 2022

Hello @jasongill thank you for your contribution. I‘m planning on implementing a CI pipeline that can test the current implementation against multiple SSH servers. Your change will also then tested against it and merged afterwards.

The pipeline will be ready in a week.

Thanks once again and expect my reply.

Greetings :)

@Burnett01 Burnett01 self-assigned this Mar 9, 2022
@Burnett01 Burnett01 self-requested a review March 9, 2022 23:06
@Burnett01 Burnett01 added the enhancement New feature or request label Mar 9, 2022
@Burnett01 Burnett01 changed the base branch from master to release/5.3 March 24, 2022 18:04
@Burnett01
Copy link
Owner

Burnett01 commented Mar 24, 2022

Hey Jason I switched the base target to release/5.3 and will conduct the testing and release prep on that branch. It could take some time until I report back.

@Burnett01
Copy link
Owner

Burnett01 commented Mar 24, 2022

Thanks for your contribution once again.
This PR will be merged into release/5.3 and that branch will then be tested.

@Burnett01 Burnett01 merged commit a078b62 into Burnett01:release/5.3 Mar 24, 2022
@Burnett01 Burnett01 removed their request for review March 24, 2022 18:07
@jasongill jasongill deleted the patch-1 branch May 12, 2022 12:44
@jasongill
Copy link
Contributor Author

jasongill commented May 12, 2022

great, thanks @Burnett01! looking forward to the new version. thank you for your hard work on this great Github Action!

@Burnett01 Burnett01 mentioned this pull request Nov 29, 2023
Closed
@Burnett01 Burnett01 mentioned this pull request Mar 6, 2024
Merged
Burnett01 added a commit that referenced this pull request Mar 6, 2024
@Burnett01
feat: configuarable legacy RSA hostkeys support
0087195 
Ability to configure legacy rsa hostkeys support for
OpenSSH servers < 8.8.
Related to #24 and  9603fc8
@Burnett01 Burnett01 mentioned this pull request Mar 6, 2024
Merged
Copilot AI mentioned this pull request Sep 18, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@Burnett01 Burnett01

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jasongill @Burnett01