Baaahhh... authentication failing after upgrading Ubuntu

appears to have been proven. Please keep in mind that there are two issues intermixing here:

OpenSSL 3 broke FasterHashing and may need workaround. OpenSSH broke authentication,
however it was done in the name of improving security, as the following release note explains:

https://www.openssh.com/txt/release-8.8

This release disables RSA signatures using the SHA-1 hash algorithm
by default. This change has been made as the SHA-1 hash algorithm is
cryptographically broken, and it is possible to create chosen-prefix
hash collisions for <USD$50K

We recommend enabling RSA/SHA1 only as a stopgap measure until legacy
implementations can be upgraded or reconfigured with another key type
(such as ECDSA or Ed25519).

In ssh-keygen, see option -t dsa | ecdsa | ecdsa-sk | ed25519 | ed25519-sk | rsa
If using something else, you can investigate what newer key types they have that SSH.NET has.

SSH.NET ECDSA support seems to be evolving. ed25519 looks like a safer bet if you can get it.
Public Key Authentication describes what it has. The develop branch has others, but isn’t available.

The SSH.NET site is a better place to ask about their issues if the above doesn’t help. Examples:

Authentication exception when connecting to Fedora using private keys #834
SSH Key Authentication Fails with macOS Ventura #1003
Permission denied (publickey) with SSH.NET - Can connect via FileZilla or Powershell. #956

Jammy Jellyfish Release Notes
See Security Improvements section paragraph talking about ssh-rsa and workaround option.

If anybody else on this thread would like to say what solved the authentication issue, please help.

EDIT:

“openssh 8.8” “ssh-rsa” in a Google or similar web search can find a lot of commentary about that.

Keep in mind which side you’ve upgraded. If it’s the Destination end, OpenSSH may break authentication.
If upgrading the system that Duplicati is on, OpenSSL 3 may break hashing, but that’s a different topic.

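Added example, not part of the original post and not code from OpenSSH, SSH.NET or Duplicati: a small audit of an `authorized_keys` file on the destination host that decodes each key blob (RFC 4253 wire format) and reports which entries are RSA keys, since those only authenticate against OpenSSH 8.8+ defaults when the client signs with rsa-sha2-256/512 rather than ssh-rsa (SHA-1). The function names, the sample entries and the forced command in them are constructed for illustration.

```python
import base64
import struct

def _read_string(blob, offset):
    """Read one RFC 4251 string: 4-byte big-endian length, then that many bytes."""
    (length,) = struct.unpack_from(">I", blob, offset)
    end = offset + 4 + length
    if end > len(blob):
        raise ValueError("truncated key blob")
    return blob[offset + 4:end], end

def classify_line(line):
    """Describe one authorized_keys entry, or return None if it holds no key."""
    fields = line.split()
    # Options may precede the key type, so accept only a blob whose embedded
    # type name matches the field right before it.
    for i in range(1, len(fields)):
        try:
            blob = base64.b64decode(fields[i], validate=True)
            name, off = _read_string(blob, 0)
            if name.decode("ascii", "replace") != fields[i - 1]:
                continue
            bits = None
            if name == b"ssh-rsa":
                _e, off = _read_string(blob, off)   # public exponent
                n, off = _read_string(blob, off)    # modulus
                bits = int.from_bytes(n, "big").bit_length()
        except (ValueError, struct.error):
            continue
        # An RSA key still works on OpenSSH 8.8+ defaults, but only with a
        # client able to sign using rsa-sha2-256/512 instead of ssh-rsa.
        return {"type": fields[i - 1], "bits": bits,
                "comment": " ".join(fields[i + 1:]),
                "needs_sha2_client": name == b"ssh-rsa"}
    return None

def audit(text):
    """Classify every non-blank, non-comment line of an authorized_keys file."""
    lines = [l.strip() for l in text.splitlines()]
    found = [classify_line(l) for l in lines if l and not l.startswith("#")]
    return [r for r in found if r]

# Constructed sample input: placeholder key material, not real keys.
def _s(data):
    return struct.pack(">I", len(data)) + data
def _mpint(n):
    return n.to_bytes(n.bit_length() // 8 + 1, "big")
_RSA = base64.b64encode(_s(b"ssh-rsa") + _s(_mpint(65537)) + _s(_mpint((1 << 2047) | 1))).decode()
_ED = base64.b64encode(_s(b"ssh-ed25519") + _s(bytes(32))).decode()
SAMPLE = ("# constructed example file\n"
          f"ssh-rsa {_RSA} backup@legacy\n"
          f'command="/usr/bin/rrsync /srv" ssh-ed25519 {_ED} backup@new\n')
```

Calling `audit(SAMPLE)` returns one entry per key; entries with `needs_sha2_client` set are the ones to replace with another key type or to pair with a client that supports the SHA-2 RSA signatures.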