[09:07:19] 10GitLab: Wikimedia GitLab SSH does not use post-quantum key exchange algorithm - https://phabricator.wikimedia.org/T407557#11284514 (10Lucas_Werkmeister_WMDE) >>! In T407557#11282964, @LucasWerkmeister wrote: > So potentially this affects not just GitLab but also production SSH… Sure does: ` $ ssh deployment.... [09:08:38] 10GitLab, 06SRE: OpenSSH 10.1+ warns that Wikimedia SSH does not use post-quantum key exchange algorithm - https://phabricator.wikimedia.org/T407557#11284517 (10Lucas_Werkmeister_WMDE) [09:10:54] 10GitLab, 06SRE: OpenSSH 10.1+ warns that Wikimedia SSH does not use post-quantum key exchange algorithm - https://phabricator.wikimedia.org/T407557#11284532 (10Lucas_Werkmeister_WMDE) >>! In T407557#11282964, @LucasWerkmeister wrote: > `lang=shell-session > me@host operations-puppet $ git grep curve25519-sha2... [09:13:49] 10GitLab, 06SRE: OpenSSH 10.1+ warns that Wikimedia SSH does not use post-quantum key exchange algorithm - https://phabricator.wikimedia.org/T407557#11284538 (10cmooney) p:05Triage→03Low I'm not really sure this is a massive issue right now. It's not clear to me that ssh sessions logs from now will be hug... [10:10:36] 10GitLab, 06SRE: OpenSSH 10.1+ warns that Wikimedia SSH does not use post-quantum key exchange algorithm - https://phabricator.wikimedia.org/T407557#11284644 (10Ladsgroup) (Wrong Mortiz) [10:25:34] 10GitLab, 06collaboration-services: OpenSSH 10.1+ warns that Wikimedia SSH does not use post-quantum key exchange algorithm - https://phabricator.wikimedia.org/T407557#11284684 (10Ladsgroup) Assuming gitlab ssh config needs changing, this needs attention of #collaboration-services team. Production seems to be... [10:29:50] 10GitLab, 06collaboration-services: OpenSSH 10.1+ warns that Wikimedia SSH does not use post-quantum key exchange algorithm - https://phabricator.wikimedia.org/T407557#11284688 (10Lucas_Werkmeister_WMDE) >>! In T407557#11284684, @Ladsgroup wrote: > Production seems to be handled already. No it isn’t, as shown... [11:21:50] 10GitLab, 06collaboration-services, 06Infrastructure-Foundations: OpenSSH 10.1+ warns that Wikimedia SSH does not use post-quantum key exchange algorithm - https://phabricator.wikimedia.org/T407557#11284841 (10LSobanski) [14:46:59] 10GitLab, 06collaboration-services, 10Gerrit, 06Infrastructure-Foundations: OpenSSH 10.1+ warns that Wikimedia SSH does not use post-quantum key exchange algorithm - https://phabricator.wikimedia.org/T407557#11285495 (10Lucas_Werkmeister_WMDE) Also affects Gerrit: ` $ git fetch ** WARNING: connection is n... [16:21:44] 10GitLab, 06collaboration-services, 10Gerrit, 06Infrastructure-Foundations: OpenSSH 10.1+ warns that Wikimedia SSH does not use post-quantum key exchange algorithm - https://phabricator.wikimedia.org/T407557#11285825 (10jhathaway) deploy2002 is running bullseye, which has ssh 1:8.4p1-5+deb11u5, so it does... [16:42:16] 10GitLab, 06collaboration-services, 10Gerrit, 06Infrastructure-Foundations: OpenSSH 10.1+ warns that Wikimedia SSH does not use post-quantum key exchange algorithm - https://phabricator.wikimedia.org/T407557#11285886 (10Lucas_Werkmeister_WMDE) >>! In T407557#11285825, @jhathaway wrote: > gerrit1003 is also... [17:37:08] 10GitLab, 06collaboration-services, 10Gerrit, 06Infrastructure-Foundations: OpenSSH 10.1+ warns that Wikimedia SSH does not use post-quantum key exchange algorithm - https://phabricator.wikimedia.org/T407557#11286112 (10Paladox) >>! In T407557#11285825, @jhathaway wrote: > deploy2002 is running bullseye, w... [20:16:15] 10GitLab, 06collaboration-services, 10Gerrit, 06Infrastructure-Foundations: OpenSSH 10.1+ warns that Wikimedia SSH does not use post-quantum key exchange algorithm - https://phabricator.wikimedia.org/T407557#11286637 (10jhathaway) ` debug1: Remote protocol version 2.0, remote software version GerritCodeRev...