On Sun, Feb 4, 2024 at 3:31 PM Mark Wielaard <mark@klomp.org> wrote:

> Hi,
>
> On Sun, Feb 04, 2024 at 09:20:33PM +0100, Frank Ch. Eigler via Overseers
> wrote:
> >
> > > I just upgraded my laptop to Fedora 39 CSB, and now ssh to sourceware
> is
> > > rejected with the above error message thanks to the Fedora
> crypto-policies
> > > openssh.config.  I can work around this easily enough by setting
> > > RequiredRSASize to 1024 in my .ssh/config, but surely I'm not the
> first to
> > > run into this?
> >
> > You may be the second.  Nuke all the sourceware references in your
> .ssh/known_hosts and try again.
>
> Yeah, this is a misleading ssh client warning/error:
> https://inbox.sourceware.org/20230308105633.GI22818@gnu.wildebeest.org/
>
> = openssh update produces misleading invalid key length warning
>
> Connecting to sourceware through ssh with a newer openssh or crypto
> policy might produce a misleading warning about the key length being
> too short:
>
>   Bad server host key: Invalid key length
>
> Please don't try to replace your ssh key, there is nothing wrong with
> it. The issue is that you might have an old server key in your
> ~/.ssh/known_hosts file. Simply remove it and reconnect to get the new
> server key:
>
> ssh-keygen -R sourceware.org
> ssh-keygen -R cygwin.com
> ssh-keygen -R gcc.gnu.org
>
> See also https://bugzilla.redhat.com/show_bug.cgi?id=2164016


Thanks for pointing me in the right direction, what a terrible diagnostic.

Jason