How to disable RSA and ECDSA keys in openssh-server on Fedora Linux

Question

I read that RSA and EDCSA algorithms are inferior to Ed25519 in terms of speed and space, and for my small Beowulf cluster, I'd like to just use Ed25519. However, when I try to remove, truncate, or otherwise ditch the keys in /etc/ssh, the sshd server rebuilds new ones each time it starts.

I tried the solutions in https://apple.stackexchange.com/questions/342836/disable-ecdsa-ssh-host-keys to no avail. New keys are created each time the server starts. And setting HostKeyAlgorithms to exclude these kinds failed as well.

It would even help if I could get the server to NOT prefer ECDSA -- it seems to use these whenever it can.

score 4 · Answer 1 · answered Jan 17 '23 at 00:35

I presume you are using OpenSSH? First use ssh -Q key to list all the supported keys in your version. The relevant part in the manual is

-Q cipher | cipher-auth | mac | kex | key | protocol-version
Queries ssh for the algorithms supported for the specified version 2. The available features are: cipher (supported symmetric ciphers), cipher-auth (supported symmetric ciphers that support authenticated encryption), mac (supported message integrity codes), kex (key exchange algorithms), key (key types) and protocol-version (supported SSH protocol versions).

With that information, set explicitly the ones you want in /etc/sshd_config and reload. For example:

PubkeyAcceptedKeyTypes ssh-ed25519,ssh-ed25519-cert-v01@openssh.com

score 1 · Answer 2 · answered Sep 20 '24 at 13:08

on fedora 40

tl;dr

here's a one liner:

echo "PubkeyAcceptedAlgorithms $(grep \
  PubkeyAcceptedAlgorithms \
  /etc/crypto-policies/back-ends/opensshserver.config \
  | cut -d ' ' -f 2 \
  | tr ',' '\n' \
  | grep --invert-match -E 'ecdsa|rsa' \
  | head -c -1 \
  | tr '\n' ',')" | sudo tee /etc/ssh/sshd_config.d/39-ed25519-only.conf

q.e.d.

there's nothing of interest in /etc/ssh/sshd_config, so we explore deeper:

sudo ls -ahl /etc/ssh/sshd_config.d

which yields:

-rw-------. 1 root root  412 Jan 25  2024 40-redhat-crypto-policies.conf
-rw-------. 1 root root  307 Jan 25  2024 50-redhat.conf

there's nothing of interest in /etc/ssh/sshd_config.d/50-redhat.conf, but:

sudo cat /etc/ssh/sshd_config.d/40-redhat-crypto-policies.conf

yields:

# This system is following system-wide crypto policy. The changes to
# crypto properties (Ciphers, MACs, ...) will not have any effect in
# this or following included files. To override some configuration option,
# write it before this block or include it before this file.
# Please, see manual pages for update-crypto-policies(8) and sshd_config(5).
Include /etc/crypto-policies/back-ends/opensshserver.config

this is interesting for two reasons:

we learn that we need our override config to be read before the default distro config
we learn the real location of the default distro config

so, we analyse that:

grep PubkeyAcceptedAlgorithms /etc/crypto-policies/back-ends/opensshserver.config \
  | cut -d ' ' -f 2 \
  | tr ',' '\n'

yields the distro default list of accepted algorithms:

ecdsa-sha2-nistp256
ecdsa-sha2-nistp256-cert-v01@openssh.com
sk-ecdsa-sha2-nistp256@openssh.com
sk-ecdsa-sha2-nistp256-cert-v01@openssh.com
ecdsa-sha2-nistp384
ecdsa-sha2-nistp384-cert-v01@openssh.com
ecdsa-sha2-nistp521
ecdsa-sha2-nistp521-cert-v01@openssh.com
ssh-ed25519
ssh-ed25519-cert-v01@openssh.com
sk-ssh-ed25519@openssh.com
sk-ssh-ed25519-cert-v01@openssh.com
rsa-sha2-256
rsa-sha2-256-cert-v01@openssh.com
rsa-sha2-512
rsa-sha2-512-cert-v01@openssh.com

to get the same list with rsa and ecdsa algorithms removed:

grep PubkeyAcceptedAlgorithms /etc/crypto-policies/back-ends/opensshserver.config \
  | cut -d ' ' -f 2 \
  | tr ',' '\n' \
  | grep --invert-match -E 'ecdsa|rsa' \
  | head -c -1 \
  | tr '\n' ','

normally a higher numbered conf.d file denotes precedence when it's config is read last and overwrites an earlier declaration, but we learned earlier:

To override some configuration option, write it before this block or include it before this file

so we create a lower numbered file at:

/etc/ssh/sshd_config.d/39-ed25519-only.conf

containing a single line:

PubkeyAcceptedAlgorithms ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com

then a restart of the sshd server should make our new accepted key algorithm settings take effect:

sudo systemctl restart sshd.service

we can verify it has worked by attempting an ssh connection with an rsa key:

ssh -v -i ~/.ssh/id_rsa hostname.example.com

which yields:

...
Skipping ssh-rsa key /home/user/.ssh/id_rsa - corresponding algorithm not supported by server
...

score 0 · Answer 3 · answered Jan 21 '23 at 19:38

I have come to the conclusion there is no answer -- on Fedora, at least.

As mentioned in a comments to guidux' answer, there is a solution for Apple products' ssh server, and I have tried it with success on my Xubuntu systems -- so it seems likely they will work on all Debian-related distributions. However on Fedora these "solutions" either fail, or they prevent the ssh server from starting, and this may apply to all RedHat-related distributions.

How to disable RSA and ECDSA keys in openssh-server on Fedora Linux

3 Answers3

on fedora 40

tl;dr

q.e.d.