[TriLUG] trilug.org ANCIENT ssh keys

John Broome via TriLUG trilug at trilug.org
Thu Oct 2 21:33:38 EDT 2025 

I think you should let it ride for another couple of years and hit that ten
year-old kernel.

jbroome at pilot:~$ uname -a
Linux pilot 3.13.0-117-generic #164~precise1-Ubuntu SMP Mon Apr 10 16:16:25
UTC 2017 x86_64 x86_64 x86_64 GNU/Linux


I honestly don't know how pilot isn't running 400 bitcoin miners by now.



On Sat, Aug 30, 2025 at 9:02 AM Alan Porter via TriLUG <trilug at trilug.org>
wrote:

>
> Spoken like a VOLUNTEER!
>
> I use this in my .ssh/config to connect to pilot.
>
> Host trilug pilot trilug.org
>      User porter
>      Hostname login.trilug.org
>      HostKeyAlgorithms +ssh-rsa
>      PubkeyAcceptedKeyTypes +ssh-rsa
>
> The root cause of the problem is, of course, that pilot is still
> running Ubuntu 12.04, and in the last decade there have been few
> volunteers willing to devote some time into upgrading it.  And as
> more time passes, that task only gets harder.
>
> My personal opinion is that we also sometimes tend to conflate
> routine maintenance plans with more grand plans of change or
> growth, and so that can cause the upgrade task to become more
> complex than it otherwise would be.
>
> In a volunteer-run organization like TriLUG, it is essential that
> maintenance be made as easy as possible, and that configurations
> be left simple and documented so when there is personnel churn,
> those maintenance tasks are not too difficult to tackle.  A
> prime example of this is how we run LDAP on our "cluster of one"
> because someone thought this was the enterprise grade solution.
> But we do not have an enterprise grade staff or budget or even
> focus to keep things running.  Raise your hand if you are
> proficient in LDAP.  Anyone?  Bueller?
>
> I would go a step further and claim that _IT_IS_OK_ for a
> Linux-focused LUG to use tools that are off-the-shelf and
> perhaps even proprietary in their mission holding regular
> meetings and providing interesting services.  Not every tool
> in our quiver needs to be the exemplar of the FOSS model.
> This dogma has also interfered in keeping things simple enough
> for a group of volunteers to maintain.
>
> So yeah... we should get on the SSH key issue.  Thanks for
> taking that first step of identifying the problem.
>
> Alan
>
>
>
>
> On 2025-08-30 00:00, William Sutton via TriLUG wrote:
> > Would someone with admin access, please, for the love of mercy and
> > the user community, update the sshd key types to something newer than
> > ssh-rsa and ssh-dss?
> >
> > I've been limping my older laptop config using ssh-dss, but my newer
> > laptop is on Fedora 41, and per ssh =Q key, the only algorithm it has
> > in common with trilug.org is ssh-rsa.  But when I try to use that, I
> > get back an error that the only supported keys are ...
> > ssh-rsa,ssh-dss.  Which I would think would mean rsa should work...
> > but clearly noth.
> >
> > William Sutton
>
>
>
> --
> This message was sent to: John Broome <jbroome at gmail.com>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that
> address.
> TriLUG mailing list : https://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web  :
> https://www.trilug.org/mailman/options/trilug/jbroome%40gmail.com
> Welcome to TriLUG: https://trilug.org/welcome

More information about the TriLUG mailing list