Merge remote-tracking branch 'upstream/main' into CI-7286-linux-specific-updates

Author: ryanberg-aquent

Exchange/ExchangeServer/servertoc/toc.yml

@@ -232,8 +232,6 @@ items:
           href: ../client-connectivity/cannot-create-appointment.md
         - name: Can't open a shared folder in Outlook on the web
           href: ../client-connectivity/cannot-open-shared-folder-owa.md
-        - name: Can't open documents on a network file share
-          href: ../../ExchangeOnline/outlook-on-the-web-issues/cannot-open-documents-on-network-file-share.md?context=%2fexchange%2ftroubleshoot%2fcontext%2fserver-context
         - name: Can't open OWA, ECP, or EMS after a self-signed certificate is removed
           href: ../client-connectivity/owa-ecp-ems-cannot-connect-after-self-signed-certificate-removed.md
         - name: Can't search people in OWA
@@ -460,8 +458,6 @@ items:
           href: ../public-folders/disable-conflict-message.md
         - name: No active public folder mailboxes were found
           href: ../public-folders/migrationbatch-fails-no-public-folder-mailboxes.md
-        - name: Public folder meetings cannot be modified in OWA
-          href: ../../ExchangeOnline/calendars/public-folder-meetings-not-modified-in-owa.md?context=%2fexchange%2ftroubleshoot%2fcontext%2fserver-context
         - name: Large items skipped during migration
           href: ../public-folders/large-items-skipped.md
         - name: Public folder items are deleted after batch migration
@@ -470,8 +466,6 @@ items:
           href: ../public-folders/public-folder-migration-fails.md
         - name: Public folder permissions for Exchange Server
           href: ../public-folders/public-folder-permissions-for-exchange-server.md
-        - name: Public folder users can't manage subfolders
-          href: ../../ExchangeOnline/public-folders/public-folder-users-cannot-manage-subfolders.md?context=%2fexchange%2ftroubleshoot%2fcontext%2fserver-context
         - name: Troubleshoot public folder replication issues
           href: ../public-folders/troubleshoot-public-folder-replication.md
     - name: Setup

Microsoft365/purview/purview/purviewtoc/toc.yml

@@ -111,8 +111,6 @@
       href: ../office-message-encryption/cannot-display-message.md
     - name: Disable Encrypt-Only
       href: ../office-message-encryption/disable-encrypt-only.md
-    - name: External recipient can't open encrypted email
-      href: /troubleshoot/outlook/security/external-recipient-can't-open-encrypted-email?context=/troubleshoot/microsoft-365/context/client-context
     - name: Resolve Microsoft Purview Message Encryption issues
       href: ../office-message-encryption/fix-message-encryption-issue-microsoft-purview.md
   - name: PST Import Service

Office/Client/clienttoc/toc.yml

@@ -644,8 +644,6 @@
           href: ../powerpoint/slide-transition-sounds-missing.md
         - name: Troubleshoot a damaged presentation
           href: ../powerpoint/damaged-presentation.md
-        - name: User info in @mentions doesn't resolve
-          href: /troubleshoot/office/excel/mentions-not-resolve-user-information?context=/troubleshoot/office/context/client-context
     - name: Project
       items:
         - name: Can't add or edit resources in Enterprise Resource Pool
@@ -790,8 +788,6 @@
           href: ../word/not-recognize-misspelled-words-in-word.md
         - name: Track Changes functionality disabled when RMS is disabled
           href: ../word/track-changes-disabled.md
-        - name: User info in @mentions doesn't resolve
-          href: /troubleshoot/office/excel/mentions-not-resolve-user-information?context=/troubleshoot/office/context/client-context
         - name: Using printer fonts in Word
           href: ../word/printer-fonts-in-word.md
         - name: Word slows or stops responding

Teams/TOC.yml

@@ -16,8 +16,6 @@ items:
       href: ./teams-administration/disable-sharepoint-news-notifications.md
     - name: Error switching a tenant to Teams Only mode
       href: ./teams-administration/cannot-switch-to-teams-only-mode.md
-    - name: Issues receiving messages and calls
-      href: /microsoftteams/legacy-login-issues?context=/troubleshoot/MicrosoftTeams/context/context
     - name: Prevent antivirus and DLP tools from blocking or crashing Microsoft Teams
       href: ./teams-administration/include-exclude-teams-from-antivirus-dlp.md
     - name: Resolve issues when starting the new Teams app
@@ -38,10 +36,6 @@ items:
         href: ./teams-administration/root-cause-undetermined-teams-update-failure.md
     - name: '"The following application instance is not present in BVD" error when assigning a phone number to a resource accounts'
       href: ./teams-administration/following-application-instance-not-present-error.md
-    - name: Troubleshoot connectivity issues
-      href: /microsoftteams/connectivity-issues?context=/troubleshoot/MicrosoftTeams/context/context
-    - name: Troubleshoot installation and update issues of classic Teams
-      href: /microsoftteams/troubleshoot-installation?context=/troubleshoot/MicrosoftTeams/context/context
     - name: User information isn't updated
       href: ./teams-administration/user-information-not-updated.md
   - name: Authentication
@@ -70,8 +64,6 @@ items:
       href: ./teams-conferencing/organizer-cant-start-teams-meeting.md
     - name: PSTN callers with the same "From" number are shown as the same user
       href: ./teams-conferencing/pstn-callers-shown-with-same-call-in-number.md
-    - name: Skype for Business broadcasts a dial tone
-      href: /troubleshoot/skypeforbusiness/server-conferencing/sfb-play-dial-tone-teams-call?context=/troubleshoot/MicrosoftTeams/context/context
     - name: Skype for Business required for some meetings instead of Teams
       href: ./teams-conferencing/meeting-requires-skype-instead-of-teams.md
     - name: Static conference ID not supported for Teams meetings
@@ -162,8 +154,6 @@ items:
     items:
     - name: Issue with accessing notebooks
       href: ./teams-onenote-integration/issue-access-notebook.md
-    - name: Temporary change to file size download limit in OneNote
-      href: /troubleshoot/office/onenote/temp-change-onenote-file-size-download?context=/troubleshoot/MicrosoftTeams/context/context
   - name: Phone System
     items:
     - name: Issues when using SIP devices
@@ -254,8 +244,6 @@ items:
     items:
     - name: Websites aren't viewable
       href: ./sites/cannot-view-website-teams-web-client.md
-    - name: '"This site cant be reached" and ERR_INVALID_RESPONSE error when accessing SharePoint site'
-      href: /troubleshoot/sharepoint/sites/err-invalid-response-accessing-sharepoint-site?context=/troubleshoot/MicrosoftTeams/context/context
   - name: Tabs
     items:
     - name: Owner can't create Planner tab

support/azure/azure-kubernetes/connectivity/basic-troubleshooting-outbound-connections.md

@@ -145,8 +145,6 @@ To determine if traffic is blocked to the endpoint due to Azure network resource
 > [!NOTE]
 >
 > Azure Virtual Network Verifier (Preview) can't access any external or third-party networking resources, such as a custom firewall. If the connectivity analysis doesn't detect any blocked traffic, we recommend that you perform a manual check of any external networking to cover all hops in the traffic flow.
-> 
-> Currently, clusters using Azure CNI Overlay aren't supported for this feature. Support for CNI Overlay is planned for August 2025.
 
 1. Navigate to your cluster in the Azure portal. In the sidebar, navigate to the Settings -> Node pools blade.
 2. Identify the nodepool you want to run a connectivity analysis from. Click on the nodepool to select it as the scope.

support/windows-client/toc.yml

@@ -1075,6 +1075,10 @@ items:
       href: ./system-management-components/fail-to-launch-vamt-3dot0.md
     - name: Windows Trace Session Manager service doesn't start
       href: ./system-management-components/windows-trace-session-manager-service-not-start-event-id-7000.md
+  - name: OpenSSH
+    items:
+    - name: OpenSSH client can't connect to a server via SSH
+      href: ../windows-server/system-management-components/open-client-can-not-connect-server.md?context=/troubleshoot/windows-client/context/context
   - name: PowerShell
     items:
     - name: Grant-DfsnAccess doesn't change inheritance mode

support/windows-server/system-management-components/open-client-can-not-connect-server.md

@@ -0,0 +1,140 @@
+---
+title: OpenSSH Client Can't Connect To a Server via SSH
+description: Addresses multiple common causes and solutions when encountering OpenSSH connection errors related to host key algorithm mismatches on Windows systems.
+ms.date: 09/16/2025
+manager: dcscontentpm
+audience: itpro
+ms.topic: troubleshooting
+ms.reviewer: kaushika, warrenw, v-lianna
+ms.custom:
+- sap:system management components\openssh (including sftp)
+- pcy:WinComm User Experience
+---
+# OpenSSH client can't connect to a server via SSH: "no matching host key type found" errors
+
+This article addresses multiple common causes and solutions when encountering OpenSSH connection errors related to host key algorithm mismatches on Windows systems.
+
+When you connect to a server via Secure Shell (SSH), you might encounter errors such as:
+
+- > Unable to negotiate with \<server\>: no matching host key type found.
+- > Host key algorithm: (no match)
+- > Permission denied (publickey).
+- > Server refused our key.
+
+These errors typically indicate mismatches in supported algorithms, permissions issues, or security concerns.
+
+## Cause 1: RSA algorithm disabled in updated OpenSSH versions
+
+OpenSSH 8.8 and later versions disable the insecure `ssh-rsa` algorithm by default, causing legacy clients dependent on RSA keys to fail connection attempts.
+
+### Resolution
+
+1. Back up the existing configuration:
+
+    ```powershell
+    Copy-Item "C:\ProgramData\ssh\sshd_config" "C:\ProgramData\ssh\sshd_config.bak" 
+    ```
+
+2. Modify the **sshd_config** file:
+
+    1. Open Notepad as administrator.
+    2. Use the following command to open the **sshd_config** file:
+
+        ```console
+        notepad "C:\ProgramData\ssh\sshd_config"
+        ```
+
+    3. Add the following lines to the end of the file:
+
+        ```output
+        PubkeyAcceptedAlgorithms +ssh-rsa 
+        HostKeyAlgorithms +ssh-rsa
+        ```
+
+3. Restart the OpenSSH service:
+
+    ```powershell
+    Restart-Service sshd
+    ```
+
+4. Verify the SSH connection:
+
+    ```powershell
+    ssh -v [email protected] 
+    ```
+
+## Cause 2: Missing or incorrect authorized_keys file or improper file permissions
+
+Connection failures occur due to missing or incorrect **authorized_keys** file or improper file permissions, generating "Permission denied" errors.
+
+### Resolution
+
+1. Ensure the **authorized_keys** file exists:
+
+    File path:
+    **C:\ProgramData\\ssh\\administrators_authorized_keys**
+
+    Place your public keys correctly in this file.
+2. Correct file permissions:
+
+    Ensure only administrators have write permissions to the file:
+
+    ```console
+    icacls.exe "C:\ProgramData\ssh\administrators_authorized_keys" /inheritance:r /grant "Administrators:F"
+    ```
+
+3. Restart the OpenSSH service:
+
+    ```console
+    net stop sshd 
+    net start sshd 
+    ```
+
+## Cause 3: Private keys stored in the registry persist across sessions causing security risks
+
+Private keys stored by OpenSSH's ssh-agent service persist across sessions in the Windows registry, potentially causing security risks.
+
+### Resolution
+
+- Use strong encryption and passphrases when generating private keys.
+- Limit registry access through user permissions.
+- Regularly update OpenSSH from official sources (for example, GitHub).
+- Regularly audit registry entries and clear sensitive keys when not needed.
+
+### Optional registry adjustments
+
+Manage RSA keys securely via registry policies:
+
+```powershell
+Set-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\SSH-Server' -Name AllowRSAKey -Value 1 -Type DWORD 
+Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Services\SSH-Server\Parameters' -Name AllowRSAKey -Value 1 -Type DWORD 
+```
+
+### Recommended general security practices
+
+- Secure user accounts and maintain strict file permissions.
+- Regularly update OpenSSH to include latest security patches.
+- Use stronger algorithms such as ED25519 or ECDSA where possible.
+- Educate users on secure key management practices.
+
+## Troubleshooting logs and diagnostics
+
+To gather detailed debugging logs during connection attempts, use the verbose SSH command:
+
+```console
+ssh -vvv user@hostname
+```
+
+Analyze logs collected from both working and nonworking environments to identify configuration differences.
+  
+## Next steps
+
+- Identify and inventory legacy clients still requiring weaker algorithms like `ssh-rsa`.
+- Implement a scheduled upgrade strategy to migrate these clients to stronger algorithms.
+- After resolving compatibility issues, remove temporary algorithm overrides from **sshd_config**.
+- Replace legacy RSA keys with stronger keys (minimum 3072-bit RSA or ED25519).
+  
+## References
+
+- [Key-based authentication in OpenSSH for Windows](/windows-server/administration/openssh/openssh_keymanagement)
+- [OpenSSH 8.8 Release Notes (RSA deprecation)](https://www.openssh.com/txt/release-8.8)

support/windows-server/toc.yml

@@ -2592,6 +2592,10 @@ items:
       href: ./system-management-components/sms-administrator-console-connectivity-issue.md
     - name: What is MMC
       href: ./system-management-components/what-is-microsoft-management-console.md
+  - name: OpenSSH
+    items:
+    - name: OpenSSH client can't connect to a server via SSH
+      href: ./system-management-components/open-client-can-not-connect-server.md
   - name: PowerShell
     items:
     - name: CJK characters are garbled in PowerShell