On Wed, 28 Sep 2022 16:36:52 -0000 "Carlos Martinez" jcmartinez2129@gmail.com wrote:
After updating to Fedora 37 beta, I was not able to login to a device that uses rsa to authenticate anymore.
The message shown is: "Bad server host key: Invalid key length"
[snip]
debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: rsa-sha2-256 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug1: kex: curve25519-sha256 need=64 dh_need=64 debug1: kex: curve25519-sha256 need=64 dh_need=64 debug3: send packet: type 30 debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug3: receive packet: type 31 debug1: SSH2_MSG_KEX_ECDH_REPLY received Bad server host key: Invalid key length
debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: rsa-sha2-256 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug1: kex: curve25519-sha256 need=64 dh_need=64 debug1: kex: curve25519-sha256 need=64 dh_need=64 debug3: send packet: type 30 debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug3: receive packet: type 31 debug1: SSH2_MSG_KEX_ECDH_REPLY received
This is the critical bit. It looks like a difference in enforcement of rsa key lengths. Here is an old link that had the same error, though the size is probably out of date.
https://stackoverflow.com/questions/48055006/ssh-add-invalid-key-length
I'm guessing that Fedora increased the minimum size of RSA keys in F37. Is it possible to generate a longer key pair? I don't think there is an alternative other than recompiling openssh as the third response to the answer suggests (with a corresponding loss of security).