openssh now disables RSA/SHA-1 by default, so using RSA/SHA-1 will eventually cause us problems: https://undeadly.org/cgi?action=article;sid=20210830113413 this patch modifies ssh.c to use RSA/SHA-256 (aka rsa-sha2-256) instead of RSA/SHA-1 (aka ssh-rsa) as the public key algorithm. NOTE: public rsa keys and thumbprints are ***NOT AFFECTED*** by this patch. patch attached.