[cfarm-users] New aarch64 hardware in Japan

[Mark Adler]

Yep, got it working now. Thanks Jing!

> On Oct 28, 2024, at 2:39 PM, Jing Luo <jing at jing.rocks> wrote:
> 
> On 2024-10-29 05:28, Mark Adler via cfarm-users wrote:
>> Thanks Jing! Liking all them BSDs.
>> While sshing to cfarm420..430, all of them work fine for me _except_
>> cfarm426. For that one I get:
>> Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
>> For anyone here, why might that be?
> 
> Hi there, it looks like your RSA key is very short:
> 
> Oct 28 20:16:27 cfarm426 sshd[4173718]: Connection from 108.226.420.69 port 62959 on 192.168.4.26 port 22426 rdomain ""
> Oct 28 20:16:31 cfarm426 sshd[4173718]: refusing RSA key: Invalid key length [preauth]
> Oct 28 20:16:31 cfarm426 sshd[4173718]: Connection closed by authenticating user madler 108.226.420.69 port 62959 [preauth]
> 
> Looks like Rocky and other RHEL cousins have this global config file requires the RSA key length to be at least 2048, while the OpenSSH default is 1024:
> 
> /etc/crypto-policies/back-ends/opensshserver.config
> 
> ...
> PubkeyAcceptedAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01 at openssh.com,sk-ecdsa-sha2-nistp256 at openssh.com,sk-ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01 at openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01 at openssh.com,ssh-ed25519,ssh-ed25519-cert-v01 at openssh.com,sk-ssh-ed25519 at openssh.com,sk-ssh-ed25519-cert-v01 at openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01 at openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01 at openssh.com
> ...
> RequiredRSASize 2048
> 
> -- 
> Jing Luo
> About me: https://jing.rocks/about/
> GPG Fingerprint: 4E09 8D19 00AA 3F72 1899 2614 09B3 316E 13A1 1EFC