AWS CodeCommit fails to authenticate via ssh after upgrading to Ubuntu 22.04 (Jammy)
I just upgraded my desktop to Ubuntu 22.04. When I attempt to push to one of my git repos on AWS CodeCommit (using ssh) I get:
```
$ git push origin master
Unable to negotiate with 52.94.226.180 port 22: no matching host key type found. Their offer: ssh-rsa
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
```
If I try the same thing on a computer that uses the previous version of Ubuntu, using the same keys and ssh configuration, the push succeeds:
```
$ git push origin master
[master 879fbb1] -
 1 file changed, 0 insertions(+), 0 deletions(-)
 create mode 100755 Blah.pdf
To ssh://git-codecommit.us-east-1.amazonaws.com/v1/repos/my_repo
   e360ec8..879fbb1  master -> master
```
I added `HostKeyAlgorithms +ssh-rsa` to the entry in `~/.ssh/config`, so it looks like this:
```
Host git-codecommit.*.amazonaws.com
    HostKeyAlgorithms +ssh-rsa
    IdentityFile ~/.ssh/codecommit_rsa
    User XXXXXXXX
```
Now I get a different error:
```
$ git push origin master
XXXXXXXX@git-codecommit.us-east-1.amazonaws.com: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
```
Maybe this might help?
```
$ sudo scanssh -s ssh 52.94.226.180
52.94.226.180:22 SSH-2.0-AWSCodeCommit VGh1LCAyOCBBcHIgMjAyMiAyMDozOToyMSArMDAwMFRE84lk14QcsWNrhwqxNLNmRuhBFhi2T0uc9R+6yS0sQklQWVZaOGpobGJHYWdvUER3MHhUVTYzY3c5SzlXSEFNOTRYNWdKMW0yY3M9
Effective host scan rate: 1.02 hosts/s
```
Solution 1:
Add the line `PubkeyAcceptedKeyTypes +ssh-rsa` to your entry in `~/.ssh/config` as well, so it looks like this:
```
Host git-codecommit.*.amazonaws.com
    IdentityFile ~/.ssh/codecommit_rsa
    User XXXXXXXX
    HostKeyAlgorithms +ssh-rsa
    PubkeyAcceptedKeyTypes +ssh-rsa
```
More information about the issue:
Ubuntu 22.04 ships with a new version of ssh (OpenSSH 8.9p1), while the previous Ubuntu versions used OpenSSH 8.4p1 or older.
There is a breaking change in OpenSSH 8.8p1, which disables RSA signatures using the SHA-1 hash algorithm by default. From the OpenSSH 8.8 release notes:
> This release disables RSA signatures using the SHA-1 hash algorithm by default. This change has been made as the SHA-1 hash algorithm is cryptographically broken, and it is possible to create chosen-prefix hash collisions for <USD$50K [1]
>
> For most users, this change should be invisible and there is no need to replace ssh-rsa keys. OpenSSH has supported RFC8332 RSA/SHA-256/512 signatures since release 7.2 and existing ssh-rsa keys will automatically use the stronger algorithm where possible.
>
> Incompatibility is more likely when connecting to older SSH implementations that have not been upgraded or have not closely tracked improvements in the SSH protocol. For these cases, it may be necessary to selectively re-enable RSA/SHA1 to allow connection and/or user authentication via the HostkeyAlgorithms and PubkeyAcceptedAlgorithms options. For example, the following stanza in ~/.ssh/config will enable RSA/SHA1 for host and user authentication for a single destination host:
>
> ```
> Host old-host
>     HostkeyAlgorithms +ssh-rsa
>     PubkeyAcceptedAlgorithms +ssh-rsa
> ```
>
> We recommend enabling RSA/SHA1 only as a stopgap measure until legacy implementations can be upgraded or reconfigured with another key type (such as ECDSA or Ed25519).
>
> [1] "SHA-1 is a Shambles: First Chosen-Prefix Collision on SHA-1 and Application to the PGP Web of Trust", Leurent, G. and Peyrin, T. (2020), https://eprint.iacr.org/2020/014.pdf
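As an added illustration (not code from the question, the answer, or OpenSSH), the following Python models the mechanism the release notes describe: how an ssh_config algorithm value with a leading `+`, `-` or `^` modifies the client's built-in list, how the client then picks the first of its own preferences that the server also offers (an empty intersection is the "no matching host key type found. Their offer: ssh-rsa" error from the question), and an audit that reports whether a `+ssh-rsa` exception is scoped to named hosts, as the notes recommend, or applied to everything through a bare `Host *`. The default algorithm lists are shortened, constructed stand-ins, the sample configs are built from the stanzas on this page, and the parser handles only Host stanzas, not Match or Include.

```python
"""Model how an OpenSSH 8.8+ client builds its algorithm lists from ssh_config and
why the CodeCommit host-key negotiation fails without '+ssh-rsa'. Added example."""
import re
from fnmatch import fnmatchcase

# Constructed, abbreviated stand-in for the client defaults after OpenSSH 8.8
# dropped SHA-1 signatures: the real lists are longer but likewise carry
# rsa-sha2-* and no plain 'ssh-rsa'. Used for both host-key and pubkey lists here.
DEFAULT_ALGS = ["ssh-ed25519", "ecdsa-sha2-nistp256", "rsa-sha2-512", "rsa-sha2-256"]

# OpenSSH 8.9 calls the option PubkeyAcceptedAlgorithms; PubkeyAcceptedKeyTypes is
# the older name and still accepted, so an audit has to look for both.
HOSTKEY_KEYWORDS = ("hostkeyalgorithms",)
PUBKEY_KEYWORDS = ("pubkeyacceptedalgorithms", "pubkeyacceptedkeytypes")

# Constructed samples: the question's stanza, the answer's stanza, and an
# over-broad variant that re-enables SHA-1 signatures for every host.
CODECOMMIT_HOST = "git-codecommit.us-east-1.amazonaws.com"
SERVER_OFFER = ["ssh-rsa"]  # the only host key type the error says the server offered
CONFIG_BEFORE = """\
Host git-codecommit.*.amazonaws.com
    IdentityFile ~/.ssh/codecommit_rsa
    User XXXXXXXX
"""
CONFIG_AFTER = CONFIG_BEFORE + "    HostKeyAlgorithms +ssh-rsa\n    PubkeyAcceptedKeyTypes +ssh-rsa\n"
CONFIG_TOO_BROAD = "Host *\n    HostKeyAlgorithms +ssh-rsa\n    PubkeyAcceptedAlgorithms +ssh-rsa\n"

def apply_algorithm_spec(base, spec):
    """ssh_config list syntax: '+a,b' appends to the defaults, '-a,b' removes,
    '^a,b' moves to the front, and a bare list replaces the defaults entirely."""
    items = [a for a in spec.lstrip("+-^").split(",") if a]
    if spec.startswith("+"):
        return base + [a for a in items if a not in base]
    if spec.startswith("-"):
        return [a for a in base if a not in items]
    if spec.startswith("^"):
        return items + [a for a in base if a not in items]
    return items

def parse_ssh_config(text):
    """Return [(host_patterns, {keyword: value})] per Host stanza. Keywords are
    case-insensitive; 'Key Value' and 'Key=Value' both parse."""
    stanzas, current = [], None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        keyword = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        if keyword == "host":
            current = (value.split(), {})
            stanzas.append(current)
        elif current is not None:
            current[1].setdefault(keyword, value)  # first value within a stanza wins
    return stanzas

def host_matches(patterns, hostname):
    """ssh Host patterns: '*' and '?' wildcards, a leading '!' negates."""
    if any(fnmatchcase(hostname, p[1:]) for p in patterns if p.startswith("!")):
        return False
    return any(fnmatchcase(hostname, p) for p in patterns if not p.startswith("!"))

def effective_algs(config_text, hostname, keywords, base):
    """ssh takes the first obtained value for an option, so the first matching
    stanza that sets one of `keywords` decides; otherwise the default applies."""
    for patterns, opts in parse_ssh_config(config_text):
        if host_matches(patterns, hostname):
            for kw in keywords:
                if kw in opts:
                    return apply_algorithm_spec(base, opts[kw])
    return list(base)

def negotiate(client_prefs, server_offer):
    """RFC 4253 section 7.1: the first algorithm in the client's list that the
    server also offers; None is the 'no matching host key type found' case."""
    return next((a for a in client_prefs if a in server_offer), None)

def audit_legacy_rsa(config_text):
    """List (host_patterns, keyword, scope) for every stanza whose setting puts
    'ssh-rsa' back into an algorithm list; scope is 'global' for a bare '*'."""
    findings = []
    for patterns, opts in parse_ssh_config(config_text):
        for kw in HOSTKEY_KEYWORDS + PUBKEY_KEYWORDS:
            spec = opts.get(kw)
            if spec and "ssh-rsa" in apply_algorithm_spec(DEFAULT_ALGS, spec):
                findings.append((" ".join(patterns), kw, "global" if "*" in patterns else "scoped"))
    return findings

if __name__ == "__main__":
    for name, cfg in (("before", CONFIG_BEFORE), ("after", CONFIG_AFTER)):
        hk = effective_algs(cfg, CODECOMMIT_HOST, HOSTKEY_KEYWORDS, DEFAULT_ALGS)
        print(name, "-> negotiated host key type:", negotiate(hk, SERVER_OFFER))
    print("over-broad config:", audit_legacy_rsa(CONFIG_TOO_BROAD))
```

The model shows why the question's first attempt fails (the client's list and the server's single offer do not intersect) and why the answer's stanza works without weakening anything for other hosts: `+ssh-rsa` appends to the defaults rather than replacing them, so rsa-sha2-256/512 are still preferred wherever the peer supports them, and the pattern `git-codecommit.*.amazonaws.com` keeps the exception off every other destination. On a real client, `ssh -G git-codecommit.us-east-1.amazonaws.com` prints the effective configuration after these modifiers are applied, which is the quickest way to confirm which hosts still accept SHA-1 signatures.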
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow