[pkg-gnupg-maint] Bug#1008573: Workaround for Nitrokey Start
Giovanni Mascellani
gio at debian.org
Mon Sep 26 10:38:22 BST 2022
Hi,
I have a Nitrokey Start that has the same problem, but the suggested
workaround was not enough for me. After a few attempts, I discovered
that I need this in my ssh_config file:
KexAlgorithms -sntrup761x25519-sha512 at openssh.com
HostKeyAlgorithms -ecdsa-sha2-nistp256
Notice that after this change connections to hosts that previously used
a ecdsa-sha2-nistp256 host key will fail key verification and trigger
the usual scary message about a MITM attack.
Thanks, Giovanni.
--
Giovanni Mascellani <g.mascellani at gmail.com>
More information about the pkg-gnupg-maint
mailing list