Issue
Section Client authentication advises to add
HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa
to section Host * of /etc/ssh/ssh_config.
At least in OpenSuse Leap 15.3 the command
systemctl restart sshd.service
triggers
(for good or for bad) and those deleted keys are recreated.
man sshd_config
[...]
HostKey
[...]
Note that [...] that the HostKeyAlgorithms option restricts which of the keys are actually used by sshd(8).
[...]
Proposal
Add
HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa
to /etc/ssh/sshd_config as well.
Issue
Section Client authentication advises to add
to section
Host *of/etc/ssh/ssh_config.At least in OpenSuse Leap 15.3 the command
triggers
(for good or for bad) and those deleted keys are recreated.
man sshd_config
Proposal
Add
to
/etc/ssh/sshd_configas well.