Showing posts with label ssh dsa keys not working. Show all posts
Showing posts with label ssh dsa keys not working. Show all posts

Friday, February 23, 2018

Skipping ssh-dss key id_dsa - not in PubkeyAcceptedKeyTypes

SSH keeps skipping my pubkey and asking for a password

You have correct ssh key but still it is asking password to login or if password authentication is prohibited, it stopped accepting correct keys.

If it was working before and suddenly it starts giving above error, it means you have upgraded your openssh. The new openssh version - 7.0+ does not support DSA keys anymore  (Neither on server nor on client). 

If openssh client has been upgraded and openssh server still supports DSA keys, make the changes in client side ssh config.

Solution  :
sudo nano /etc/ssh/ssh_config
Add following line in the file.
PubkeyAcceptedKeyTypes=+ssh-dss
Restart ssh.

If openssh server has been upgraded and openssh client still supports DSA keys, make the changes in server side sshd config.

Solution  :
sudo nano /etc/ssh/sshd_config
Add following line in the file.
PubkeyAcceptedKeyTypes=+ssh-dss
Restart ssh.

Note :  The best solution, you must use RSA keys. It has strong and secure algorithm and it is better than the patch you are finding.