GitHub has engaged its 2nd phase of SSH protocol security, where they disable using SHA-1 with RSA keys. The OpenSSH client works OK with the RSA keys, but the
org.jgit one inside TeamCity is working no longer, getting:
Failed to collect changes, error: org.eclipse.jgit.errors.NoRemoteRepositoryException: email@example.com:Project/Repository.git: ERROR: You're using an RSA key with SHA-1, which is no longer allowed. Please use a newer client or a different key type.
How do I instruct TeamCity/JGit/JSch not using SHA-1 and using supported hashing instead?
I could possibly migrate to Ed25519 key, but it is not supported by our Windows agents, and I have to change all keys in the TeamCity once more, meaning I will have two problems.
Is there a practical way to make TeamCity friends with SSH RSA keys for GitHub in 2022? For reference, I am on