Description
In OpenSSH you can disable ssh-rsa and use only rsa-sha2-256 and rsa-sha2-512 by using
in /etc/ssh/sshd_config:
HostKeyAlgorithms rsa-sha2-256,rsa-sha2-512
but the Karaf docs https://karaf.apache.org/manual/latest/remote
only have this option:
#
# Self defined key size in 1024, 2048, 3072, or 4096
# If not set, this defaults to 2048.
#
# keySize = 2048
#
# Specify host key algorithm, defaults to RSA
#
# algorithm = RSA
How to remove ssh-rsa which means a ssh session using SHA1 hash to check the key.
This is a scurity issue.