gitlab-sshd: Impact of RSA key length 8192 bit limitation in Golang 1.20.7+?

Hi folks!

In response to a customer ticket (internal ZD link) I was investigating the deprecation of RSA keys with a modulus over 8192 bits / &11186 (closed).

On my 16.4.1-ee (GitLab Shell v 14.28.0) test instance I was still able to authenticate to gitlab-sshd with a 15360-bit key just fine. Looks like it's still using Golang 1.19.

My question: Will the deprecation impact gitlab-sshd?

Steps

  1. Create an RSA key pair with a modulus > 8192 bit: ssh-keygen -t rsa -b 15360 -f id_rsa_huuuge
  2. Fetch a coffee
  3. Add the resulting public key to your user profile
  4. Attempt to authenticate with said SSH key (and only that SSH key): ssh -i id_rsa_huuuge -T -o "IdentitiesOnly=yes" -F /dev/null -v git@yourhost
    1. Please note that if you run gitlab-sshd on an alternate port you might need to add the -p parameter to ssh, i.e. ssh -p 2222 -i id_rsa_huuuge -T ...
Edited by Niklas Janz
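
For finding which stored public keys are above the 8192-bit size the question asks about, here is an added example (not code from this issue or from GitLab Shell) that reads the RSA modulus size out of an OpenSSH public key line using only the Go standard library. The names `RSAModulusBits`, `sampleLine` and `maxRSABits` are hypothetical, and the sample lines are constructed with placeholder moduli, not usable keys.

```go
package main

import (
	"encoding/base64"
	"encoding/binary"
	"errors"
	"fmt"
	"math/big"
	"strings"
)

const maxRSABits = 8192 // size limit named in the question above

// RSAModulusBits returns the modulus size of an "ssh-rsa AAAA... comment" line.
func RSAModulusBits(line string) (int, error) {
	parts := strings.Fields(line)
	if len(parts) < 2 || parts[0] != "ssh-rsa" {
		return 0, errors.New("not an ssh-rsa key line")
	}
	blob, err := base64.StdEncoding.DecodeString(parts[1])
	if err != nil {
		return 0, err
	}
	var field []byte
	for i := 0; i < 3; i++ { // length-prefixed fields: algorithm name, exponent e, modulus n
		if len(blob) < 4 || uint64(binary.BigEndian.Uint32(blob)) > uint64(len(blob)-4) {
			return 0, errors.New("truncated key blob")
		}
		n := binary.BigEndian.Uint32(blob)
		field, blob = blob[4:4+n], blob[4+n:]
	}
	return new(big.Int).SetBytes(field).BitLen(), nil
}

// sampleLine builds a constructed key line whose modulus is 2^(bits-1)+1 (not a real key).
func sampleLine(bits int) string {
	n := new(big.Int).SetBit(big.NewInt(1), bits-1, 1)
	var blob []byte
	for _, f := range [][]byte{[]byte("ssh-rsa"), {1, 0, 1}, append([]byte{0}, n.Bytes()...)} {
		blob = append(binary.BigEndian.AppendUint32(blob, uint32(len(f))), f...)
	}
	return "ssh-rsa " + base64.StdEncoding.EncodeToString(blob) + " constructed"
}

func main() {
	for _, bits := range []int{4096, 8192, 15360} { // constructed sample sizes
		got, _ := RSAModulusBits(sampleLine(bits))
		fmt.Println(got, "bits, over limit:", got > maxRSABits)
	}
}
```

Feeding it the lines of an exported key list, one per call, gives the set of keys to test against an instance built with the newer Go version.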