We are getting the following SHA error after the Linux server was patched. But when the user checks the console, it is at sha2 already. Is this something else that CAPAM require?
Couldn't agree either on kex algorithm (our: 'ecdh-sha2-nistp384,ecdh-sha2-nistp256,ecdh-sha2-nistp521,diffie-hellman-group14-sha1', peer: 'curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512') or host key algorithm (our: 'ssh-rsa', peer: 'rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519')
Release : 3.4
Component :
There are several possible causes. In this case sshd update was the underlying cause
update-crypto-policies --show ( if its set to FUTURE) then
update-crypto-policies --set DEFAULT
systemctl restart sshd