Repo sync for protected branch #5141

Merged
merged 13 commits into from
Dec 17, 2024
6 changes: 3 additions & 3 deletions docs/linux/connect-to-your-remote-linux-computer.md
Expand Up @@ -90,7 +90,7 @@ If `ssh` isn't already set up and running on your Linux system, follow these ste

You can use either a password or a key file and passphrase for authentication. Key files are more secure than username/password. If you already have a key pair, it's possible to reuse it.

Versions of Visual Studio before 17.10 support Elliptic Curve (EC), Rivert-Shamir-Adleman (RSA), and Digital signature algorithm (DSA) keys for remote connections. Because of security concerns, RSA and DSA keys are no longer supported in VS 17.10 and later. Only EC keys are currently supported. To create a key pair compatible with the connection manager use the command:
Versions of Visual Studio before 17.10 support Elliptic Curve (EC), Rivert-Shamir-Adleman (RSA), and Digital signature algorithm (DSA) keys for remote connections. Because of security concerns, DSA keys are no longer supported in VS 17.10 and later. RSA keys were also not supported in VS 17.10 and VS 17.11 but are supported again in VS 17.12 and later. To create a key pair compatible with the connection manager you can use the command:
`ssh-keygen -m pem -t ecdsa -f <key-name>`

> [!NOTE]
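
Review bot: The added paragraph keeps the misspelling "Rivert-Shamir-Adleman" from the line it replaces; it should read "Rivest-Shamir-Adleman", and "Digital signature algorithm" should be capitalized as "Digital Signature Algorithm" to match the other two names. The paragraph now packs three RSA states into one run of prose (supported before 17.10, not supported in 17.10 and 17.11, supported again in 17.12 and later), which is easy to misread; a short per-version list or table would be clearer. Because the command that follows still generates an ECDSA key, say explicitly whether ECDSA remains the recommended choice or add the RSA equivalent.
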
Expand Down Expand Up @@ -131,7 +131,7 @@ Starting in Visual Studio version 16.9, support for older, insecure SSH algorith
| Encryption | `aes128-cbc`</br>`aes128-ctr`</br>`aes192-cbc`</br>`aes192-ctr`</br>`aes256-cbc`</br>`aes256-ctr` |
| HMAC | `hmac-sha2-256`</br>`hmac-sha2-512` |
| Key exchange | `diffie-hellman-group14-sha256`</br>`diffie-hellman-group16-sha512`</br>`diffie-hellman-group-exchange-sha256`</br>`ecdh-sha2-nistp256`</br>`ecdh-sha2-nistp384`</br>`ecdh-sha2-nistp521` |
| Host key | `ecdsa-sha2-nistp256`</br>`ecdsa-sha2-nistp384`</br>`ecdsa-sha2-nistp521` |
| Host key | `ecdsa-sha2-nistp256`</br>`ecdsa-sha2-nistp384`</br>`ecdsa-sha2-nistp521`</br>`rsa-sha2-512`</br>`rsa-sha2-256`</br>`ssh-rsa` |

### Configure the SSH server

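Review bot: The Host key row now lists `rsa-sha2-512`, `rsa-sha2-256` and `ssh-rsa` with no version qualifier, while the key-type paragraph changed earlier in this file says RSA keys were not supported in VS 17.10 and VS 17.11. If host key algorithms followed the same gap, a reader on those versions will take the table as applying to them; state the versions in the row or in a note under the table, or say that host key support was unaffected. Minor: the RSA entries run 512 then 256 while the `ecdsa-sha2-*` entries ascend; use one ordering, or say that the order reflects preference.
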
Expand Down Expand Up @@ -275,4 +275,4 @@ To configure an MSBuild project for WSL, see [Configure a Linux project](configu
[Configure a Linux project](configure-a-linux-project.md)\
[Configure a Linux CMake project](cmake-linux-project.md)\
[Deploy, run, and debug your Linux project](deploy-run-and-debug-your-linux-project.md)\
[Configure CMake debugging sessions](../build/configure-cmake-debugging-sessions.md)
[Configure CMake debugging sessions](../build/configure-cmake-debugging-sessions.md)
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ The examples in this article use Ubuntu 18.04 LTS with OpenSSH server version 7.
```

> [!NOTE]
> `ssh-rsa` is the only FIPS compliant host key algorithm VS supports. The `aes*-ctr` algorithms are also FIPS compliant, but the implementation in Visual Studio isn't approved. The `ecdh-*` key exchange algorithms are FIPS compliant, but Visual Studio doesn't support them.
> `ssh-rsa`, `rsa-sha2-*`, and `ecdsa-sha2-*` are the only FIPS compliant host key algorithms VS supports. For more information about the algorithms Visual Studio supports, see [Supported SSH Algorithms](connect-to-your-remote-linux-computer.md#supported-ssh-algorithms).

You're not limited to these options. You can configure `ssh` to use other ciphers, host key algorithms, and so on. Some other relevant security options you may want to consider are `PermitRootLogin`, `PasswordAuthentication`, and `PermitEmptyPasswords`. For more information, see the `man` page for `sshd_config` or the article [SSH Server Configuration](https://www.ssh.com/ssh/sshd_config).

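Review bot: In the rewritten NOTE, "the only FIPS compliant host key algorithms VS supports" now names `ssh-rsa`, `rsa-sha2-*` and `ecdsa-sha2-*`, which is every entry in the Host key row of the Supported SSH Algorithms table changed in this same PR, so "only" no longer narrows anything; if that is the intent, "All host key algorithms VS supports are FIPS compliant" says it directly. The replacement also drops the statements about `aes*-ctr` and `ecdh-*` without a substitute, so the page no longer says anything about the FIPS status of encryption or key exchange; if the old statements were wrong (the table lists `ecdh-sha2-nistp*` as supported), correct them rather than leaving the gap.
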
Expand All @@ -58,35 +58,35 @@ The examples in this article use Ubuntu 18.04 LTS with OpenSSH server version 7.
sudo service ssh restart
```

Next, you'll create an RSA key pair on your Windows computer. Then you'll copy the public key to the remote Linux system for use by `ssh`.
Next, you'll create an ECDSA key pair on your Windows computer. Then you'll copy the public key to the remote Linux system for use by ssh.

### To create and use an RSA key file
### To create and use an ECDSA key file

1. On the Windows machine, generate a public/private RSA key pair by using this command:
1. On the Windows machine, generate a public/private ECDSA key pair by using this command:

```cmd
ssh-keygen -t rsa -b 4096 -m PEM
ssh-keygen -t ecdsa -m PEM
```

The command creates a public key and a private key. By default, the keys are saved to *`%USERPROFILE%\.ssh\id_rsa`* and *`%USERPROFILE%\\.ssh\\id_rsa.pub`*. (In PowerShell, use `$env:USERPROFILE` instead of the cmd macro `%USERPROFILE%`) If you change the key name, use the changed name in the steps that follow. We recommend you use a passphrase for increased security.
The command creates a public key and a private key. By default, the keys are saved to %USERPROFILE%\.ssh\id_ecdsa and %USERPROFILE%\.ssh\id_ecdsa.pub. (In PowerShell, use $env:USERPROFILE instead of the cmd macro %USERPROFILE%) Keys generated with RSA are also supported. If you change the key name, use the changed name in the steps that follow. We recommend you use a passphrase for increased security.

1. From Windows, copy the public key to the Linux machine:

```cmd
scp %USERPROFILE%\.ssh\id_rsa.pub user@hostname:
scp %USERPROFILE%\.ssh\id_ecdsa.pub user@hostname:
```

1. On the Linux system, add the key to the list of authorized keys, and ensure the file has the correct permissions:

```bash
cat ~/id_rsa.pub >> ~/.ssh/authorized_keys
cat ~/id_ecdsa.pub >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
```

1. Now, you can test to see if the new key works in `ssh`. Use it to sign in from Windows:

```cmd
ssh -i %USERPROFILE%\.ssh\id_rsa user@hostname
ssh -i %USERPROFILE%\.ssh\id_ecdsa user@hostname
```

You've successfully set up `ssh`, created and deployed encryption keys, and tested your connection. Now you're ready to set up the Visual Studio connection.
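
Review bot: "Keys generated with RSA are also supported" in step 1 carries no version qualifier, but the companion change in connect-to-your-remote-linux-computer.md says RSA keys were not supported in VS 17.10 and VS 17.11; add "in Visual Studio 17.12 and later" or link to that section. The new lines also lose inline code formatting the old ones had: "for use by ssh." dropped the backticks, and %USERPROFILE%\.ssh\id_ecdsa, %USERPROFILE%\.ssh\id_ecdsa.pub and $env:USERPROFILE are now plain text, where unescaped backslashes may not render as intended. The parenthetical "(In PowerShell, ... %USERPROFILE%)" still lacks its closing period.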