Bump asyncssh from 2.22.0 to 2.23.0

[dependabot]

Bumps asyncssh from 2.22.0 to 2.23.0.

Changelog

Sourced from asyncssh's changelog.

Release 2.23.0 (8 Feb 2026)

• Added support for "Match localnetwork". Thanks go to Théophile Bastian for reporting this new match type, added in OpenSSH 9.4.

• Enabled support for RSA with SHA-2 signatures in ssh-agent and Pageant. Thanks go to GitHub user Netzvamp for reporting this.

• Changed MAC algorithm negotation to be skipped when using AEAD ciphers. Thanks go to GitHub user LilleCarl for reporting this issue and suggesting a potential fix.

• Improved graceful termination when using ProxyCommand, waiting for the ProxyCommand tunnel to close when cleaning up a connection. Thanks go to Simon Liétar for reporting this issue and helping to investigate possible solutions.

• Blocked unsafe user substitutions from being used in server config. Thanks go to GitHub user 0xHunSec for reporting this problem and providing reproduction code.

• Fixed an issue with config evaluation when "Match final" was combined with Hostname directives. Thanks go to GitHub user commonism for reporting this issue and coming up with a reproducible test case and a potential fix.

• Fixed a resource leak in xauth support. Thanks go to GitHub user taovinci0 for reporting this problem and providing an initial version of a fix.

• Fixed issue with multi-hop ProxyJump directives in a config file not working correctly. Thanks go to Rémi Benoit for reporting this problem and providing a detailed root cause analysis.

• Fixed string encoding in SFTPName objects returned by realpath(). Thanks go to GitHub user vivodi for reporting this and providing reproduction code.

Commits

• c060703 Bump version number up to 2.23.0 and update change log
• 2af2382 Catch unsafe user substitutions in config
• a9dba89 Fix string encoding in SFTPName objects returned by realpath()
• d2653a1 Work around import issue introduced in fido2 version 2.2.0
• ff9745f Fix latest mypy issues
• 5972676 Add unit test for server advertising an empty list of MAC algs
• 049eaad Skip MAC address selection when AEAD ciphers are selected
• 038b440 Fix line wrapping
• b80da41 Fix NameError in PQDH when handling invalid algorithms
• 94a996c Update documentation for SSHServer.server_requested
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)