Cygwin: OpenSSH_8.8p1 appears broken, downgrade to OpenSSH_8.7p1 fixes it
As of version 8.8, OpenSSH no longer allows RSA signatures that are made using the SHA-1 hash algorithm. Existing RSA keys are still accepted, but they must be used together with SHA-256 instead. This applies both to signatures made with your user key from the client side, and to signatures made with the host key from the server side.
The first version of OpenSSH with rsa-sha2
support is 7.2.
If you need to connect to hosts which only provide RSA/SHA-1 host key signatures, and/or only accept RSA/SHA-1 user key signatures, add the following options to your ~/.ssh/config:
Host whatever.example.com
HostKeyAlgorithms +ssh-rsa
PubkeyAcceptedAlgorithms +ssh-rsa
If you need to make your OpenSSH 8.8 server accept clients which only accept RSA/SHA-1 host key signatures and/or only provide RSA/SHA-1 user key signatures, add the same options to the server's sshd_config (minus the 'Host' section).