
Docker rootless SSH access error: "Permission denied (publickey)" due to OpenSSH 8.8 RSA SHA-1 deprecation #17910

Closed
@raffitz


Gitea Version

1.15.6 built with GNU Make 4.3, go1.16.9 : bindata, timetzdata, sqlite, sqlite_unlock_notify (docker gitea/gitea:1.15.6-rootless)

Git Version

No response

Operating System

No response

How are you running Gitea?

I am running gitea through the docker container gitea/gitea:1.15.6-rootless (image id b26ce93dd8b2)

Database

SQLite

Can you reproduce the bug on the Gitea demo site?

No

Log Gist

No response

Description

Using an OpenSSH 8.8 client with a Gitea server running the built-in SSH server leads to an error due to no mutual signature algorithms between the SSH server and client.

    debug1: Offering public key: *** RSA SHA256:***
    debug1: send_pubkey_test: no mutual signature algorithm

OpenSSH 8.8 deprecated RSA signatures using SHA-1 hashes (release notes here).

The built-in ssh server was not prepared for this deprecation, as per upstream: golang/go#49952

Presumably, once the above upstream issue is fixed and Gitea updates the go ssh module version, the Gitea issue will be fixed as well.

Stopgap solution:

As per the OpenSSH 8.8 release notes, I configured my local OpenSSH 8.8 client (through the ssh_config file) with the following:

    Host gitea-host
        HostkeyAlgorithms +ssh-rsa
        PubkeyAcceptedAlgorithms +ssh-rsa

This was sufficient to stop the "Permission denied (publickey)" messages from appearing and for my fetches, pushes and pulls to start working again.

Screenshots

No response
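
An added example (not part of the original issue or of Gitea's code): a small Python check that scans ssh_config text for lines re-enabling the SHA-1 `ssh-rsa` algorithm, as the stopgap above does, and reports whether each one is scoped to a named host or applies to every host. The sample config, including the `Host *` variant, is constructed for illustration, and the function name is hypothetical.

```python
import re

# Options that can re-enable the SHA-1 "ssh-rsa" algorithm on the client.
# PubkeyAcceptedKeyTypes is the pre-8.5 name of PubkeyAcceptedAlgorithms.
WATCHED = {"hostkeyalgorithms", "pubkeyacceptedalgorithms", "pubkeyacceptedkeytypes"}


def find_ssh_rsa_overrides(config_text):
    """Return (host_patterns, option, applies_to_all) for each line enabling ssh-rsa."""
    findings = []
    patterns = ["*"]  # options before the first Host line apply to every host
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # ssh_config accepts "Keyword value" or "Keyword=value"; keywords are case-insensitive.
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        if len(parts) < 2:
            continue
        keyword, value = parts[0].lower(), parts[1].strip().strip('"')
        if keyword == "host":
            patterns = value.split()
        elif keyword == "match":
            patterns = ["match " + value]  # Match blocks are reported, not evaluated
        elif keyword in WATCHED and not value.startswith("-"):
            # "+" appends to the defaults, "^" prepends, no prefix replaces the list;
            # a leading "-" only removes algorithms, so it is skipped above.
            algos = value.lstrip("+^").split(",")
            if "ssh-rsa" in algos:
                findings.append((tuple(patterns), parts[0], "*" in patterns))
    return findings


# Constructed sample: the issue's stopgap plus a hypothetical over-broad variant.
SAMPLE = """\
Host gitea-host
    HostkeyAlgorithms +ssh-rsa
    PubkeyAcceptedAlgorithms +ssh-rsa

Host *
    PubkeyAcceptedKeyTypes=+ssh-rsa,ssh-ed25519
"""

if __name__ == "__main__":
    for hosts, option, applies_to_all in find_ssh_rsa_overrides(SAMPLE):
        scope = "ALL HOSTS" if applies_to_all else ", ".join(hosts)
        print(f"{option}: ssh-rsa (SHA-1) enabled for {scope}")
```

Host-scoped findings are the ones to revisit and remove once the server side accepts SHA-2 RSA signatures.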
