Git 2.33.1 breaks rsa/sha-1 negotiation over ssh

[orgads]

• I was not able to find an open or closed issue matching what I'm seeing

The release notes of openssh 8.8, which is shipped with this version, say:

This release disables RSA signatures using the SHA-1 hash algorithm by default. This change has been made as the SHA-1 hash algorithm is cryptographically broken, and it is possible to create chosen-prefix hash collisions for <USD$50K [1]

Our (internal) Git servers still use this algorithm, so we can not connect to any of them with this version of Git. This is the default key that is created by Gerrit, even on version 3.4, which is the latest stable (it was replaced and then reverted).

If you consider this upgrade necessary, please at least postpone it for a major release.

[dscho]

postpone it for a major release.

I fear that this ship has sailed. v2.33.1 is already an official Git for Windows version.

BTW OpenSSH's release notes also have this to say:

[...] the following stanza in ~/.ssh/config will enable RSA/SHA1 for host and user authentication for a single destination host:

Host old-host
  HostkeyAlgorithms +ssh-rsa
  PubkeyAcceptedAlgorithms +ssh-rsa

[orgads]

Thanks for the reference. I didn't notice it. Solved now.

I didn't mean that you "republish 2.33.1", it was more like a comment for next time that a breaking change is inserted.

[xiayitian1003]

I'm in trouble similar to yours.The newest Git 2.33.1 throw error:
Unable to negotiate with 10.150.98.110 port 29418: no matching host key type found. Their offer: ssh-rsa,ssh-dss fatal: Could not read from remote repository.
Then I uninstalled the 2.33.1-Git and reinstalled the 2.33.0.2-Git,it's OK.
I'm a rookie to Git, i can't figure it out why this worked and it just solve my problem.LOL😂

[dscho]

@xiayitian1003 you probably missed the solution:

Host old-host
  HostkeyAlgorithms +ssh-rsa
  PubkeyAcceptedAlgorithms

[alchemistmatt]

Specific example that I can confirm works as a workaround: create file C:\Users\LoginName\.ssh\config
with contents:

Host stash.company.org
  HostkeyAlgorithms +ssh-rsa
  PubkeyAcceptedAlgorithms +ssh-rsa

Update LoginName with your Windows login name and update stash.company.org with your stash (or Git, GitLab, BitBucket, etc.) server name

[alchemistmatt]

I should add, that although the above workaround does work for Stash, the better solution is to generate a new RSA key pair. For example:

cd %userprofile%\.ssh
mkdir OldKeys
move id* OldKeys
ssh-keygen -t ed25519 -C "youremail@mailserver.org"

Next, on your Stash website, under Manage Account, SSH Keys, add a new key, using the contents of the id_ed25519.pub file

[felfert]

I should add, that although the above workaround does work for Stash, the better solution is to generate a new RSA key pair. For example:

cd %userprofile%\.ssh
mkdir OldKeys
move id* OldKeys
ssh-keygen -t ed25519 -C "youremail@mailserver.org"

Next, on your Stash website, under Manage Account, SSH Keys, add a new key, using the contents of the id_ed25519.pub file

That is wrong, IMHO. Your example updates the client keys, while the incompatibility is with host keys on the server side. The workaround in ~/.ssh/config just allows those server-side host keys to be accepted.

Apart from that: It would be nice, if someone with git acces could add a warning for this issue in the release-notes. Not everybody follows all the relese-notes of included packages... just my 2c

[dscho]

someone with git acces

You can always open a PR to edit https://github.com/git-for-windows/build-extra/blob/master/ReleaseNotes.md.

[Eddy555]

For extra info, I was struggling with the config file not working on Windows and Bitbucket
The following page from Atlassian
https://community.atlassian.com/t5/Bitbucket-articles/OpenSSH-8-8-client-incompatibility-and-workaround/ba-p/1826047
pointed me to adding
Host stash.company.org HostkeyAlgorithms +ssh-rsa PubkeyAcceptedAlgorithms +ssh-rsa
to a different file in the Git install folder which worked for me
%PROGRAMFILES%\Git\etc\ssh\ssh_config

[orgads]

That is wrong, IMHO. Your example updates the client keys, while the incompatibility is with host keys on the server side. The workaround in ~/.ssh/config just allows those server-side host keys to be accepted.

At least on my setup, the host keys were Ok. Regenerating my client keys solved the issue for me.

[rimrul]

That is wrong, IMHO. Your example updates the client keys, while the incompatibility is with host keys on the server side. The workaround in ~/.ssh/config just allows those server-side host keys to be accepted.

The issue isn't really an issue of either side, but an incompatibility between the two sides.

• Updating the Server allows both sides to use RSA/SHA-256/512

• Changing to a different key type allows both both sides to switch to that encryption

• Re-enabling RSA/SHA1 allows both sides to communicate in the old deprecated way.

All three are solutions, but the first two should be prefered for security reasons.

%PROGRAMFILES%\Git\etc\ssh\ssh_config

That works, but will be overwriten when updating or reinstalling Git for Windows.

[Eddy555]

%PROGRAMFILES%\Git\etc\ssh\ssh_config

That works, but will be overwriten when updating or reinstalling Git for Windows.

Yeah, I'm just puzzling over this.....

[dscho]

@Eddy555 why not put it into ~/.ssh/config, as suggested earlier?