I am having some problems with understanding which types of host keys my SSH daemon actually provides or supports (stock debian buster, sshd 7.9.p1). From the manual (
Specifies the host key algorithms that the server offers. The default for this option is:
The list of available key types may also be obtained using "ssh -Q key".
Please note the last line. When following the advice given there:
root@odysseus /var/log # ssh -Q key
I’ve got two questions:
As an example, the man page states that
rsa-sha2-256 is part of the default for
HostKeyAlgorithms. But this string does not appear in the output of
ssh -Q key.
How does this fit together? How can something be a default which even doesn’t exist?
The above example implies that
ssh-rsa might be insecure, because it doesn’t have
sha2 in its name, and thus might be
sha1 or even
md5 based (of course, my host keys are actually created by
ssh-keygen with sha2-256 fingerprint, so that actually can’t be a problem, but I’d like to understand those key type names nevertheless).
What does the string
-email@example.com in some of the algorithm type names mean? Are these the types for certificate-based authentication?
Most of us probably restored cPanel/wordpress backup manually on new hosting account. As described here: [url]https://www.namecheap.com/supp… | Read the rest of https://www.webhostingtalk.com/showthread.php?t=1843221&goto=newpost