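Error when running SSH/SCP commands: sign_and_send_pubkey: no mutual signature supported

The following error occurred when using the scp command on an AlmaLinux 9 system to pull a file from a CentOS 7 system.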

~]#scp -i mypk user@192.168.1.10:/home/user/abc.txt ./
Enter passphrase for key 'mypk':
sign_and_send_pubkey: no mutual signature supported
user@192.168.1.10: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
Connection closed

# The error on the CentOS side is as follows
error: Could not load host key: /etc/ssh/ssh_host_ed25519_key

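After some research, the cause turned out to be this: starting with AlmaLinux 9 / Rocky Linux 9 / RHEL 9, the use of the SHA1 algorithm is restricted by default.
The ssh-rsa public key signature algorithm used by the OpenSSH on CentOS 7 depends on SHA1, so by default the SSH connection cannot be established.
A relatively quick fix is as follows: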

# Temporarily enable SHA1 on AlmaLinux 9 / Rocky Linux 9 / RHEL 9
~]# update-crypto-policies --set DEFAULT:SHA1
Setting system policy to DEFAULT:SHA1
Note: System-wide crypto policies are applied on application start-up.
It is recommended to restart the system for the change of policies
to fully take place.

# SCP now connects successfully
~]#scp -i mypk user@192.168.1.10:/home/user/abc.txt ./
Enter passphrase for key 'mypk':
abc.txt 100% 15KB 18.4MB/s 00:00

# Restore the default setting on AlmaLinux 9 / Rocky Linux 9 / RHEL 9 to keep the system secure
~]#update-crypto-policies --set DEFAULT
Setting system policy to DEFAULT
Note: System-wide crypto policies are applied on application start-up.
It is recommended to restart the system for the change of policies
to fully take place.
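
The enable / copy / restore sequence above, wrapped so that the previous policy is put back even when the copy fails or is interrupted. This is an added example, not part of the original post: the function name with_sha1_policy, the script name and the UCP override variable are hypothetical, and it assumes `update-crypto-policies --show` prints the name of the active policy.

```shell
#!/bin/sh
# Added example: run one command with the DEFAULT:SHA1 policy active, then put
# back whatever policy was active before, even on failure or Ctrl-C.
# UCP is a hypothetical override hook (assumption) so the logic can be tested
# without root; by default it is the real update-crypto-policies tool.
UCP=${UCP:-update-crypto-policies}

with_sha1_policy() {
    # Record the active policy so that exactly this value is restored,
    # rather than assuming it was DEFAULT.
    prev=$("$UCP" --show) || return 1
    (
        # The EXIT trap fires however the subshell ends; INT/TERM are turned
        # into a normal exit so the trap also runs when the copy is aborted.
        trap '"$UCP" --set "$prev" >/dev/null' EXIT
        trap 'exit 130' INT TERM
        "$UCP" --set DEFAULT:SHA1 >/dev/null || exit 1
        # Policies are read at application start-up, so the ssh/scp process
        # started here is the one that sees SHA1 enabled.
        rc=0
        "$@" || rc=$?
        exit "$rc"
    )
}

# Usage (as root), with the host and key from the post and a hypothetical
# script name:
#   ./with-sha1.sh scp -i mypk user@192.168.1.10:/home/user/abc.txt ./
if [ "$#" -gt 0 ]; then
    with_sha1_policy "$@"
fi
```

The function returns the exit status of the wrapped command, so a failed copy is still visible to the caller after the policy has been restored.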