GitHub changed which keys are supported in ssh and removed unencrypted Git protocol such as RSA keys with SHA-1. Your PE deployment is affected if you connect to GitHub through ssh or git://. For more information about these changes, read Improving Git protocol security on GitHub.
Error messages and logs
You get this error message when using an RSA key with SHA-1 to deploy new or updated code such as configuring multiple GitHub repositories in Puppet Enterprise.
ERROR: You're using an RSA key with SHA-1, which is no longer allowed. Please use a newer client or a different key type.\nPlease see https://github.blog/2021-09-01-improving-git-protocol-security-github/ for more information.
Version and installation information
PE version: All supported
Solution
Generate a new key with the Ed25519 algorithm. For example:
ssh-keygen -t ed25519 -P '' -f /etc/puppetlabs/puppetserver/ssh/id-control_repo.ed25519
How can we improve this article?
0 comments
Please sign in to leave a comment.
Related articles