After upgrading dev-libs/openssl to 1.1.1d, I can no longer connect to my systems from Android TermBot client. It gives the following error: === Key exchange was not finished, connection is closed. The server hostkey was not accepted by the verifier callback. Unknown key type rsa-sha2-512 === Downgrading openssl to 1.1.1c-r1 resolves the issue. I'm not sure if it's bug or feature. Reporting on both ends in case. I suppose it's not nice when you're outta home and discover you can't connect to your computer.
Firstly, take a look at the following. sshd -T | awk '$1 == "hostkeyalgorithms"' Secondly, prevent sshd from advertising any algorithms that your client is complaining about. Below is an example of the syntax. Note that the algorithms are being negated here. HostKeyAlgorithms -rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-512 If this helps, then it falls upon the maintainer of your client to fix its behaviour because it should simply ignore any advertised algorithms that it does not support, provided that it has at least one in common with the server.
Closing as I cannot reproduce the issue and termbot upstream said they need to fix it on their end.