ubuntu22.04 server SSH key login failed

Mobile 2023-04-09 00:16:30 views: null

ubuntu22.04 server SSH key login failed

1. Background introduction

SSH key login is to write the SSH public key into ~/.ssh/authorized_keysthe file .

Today, I installed the ubuntu22.04 system. According to the previous operation, after configuring the SSH public key on the server, I found that I could not log in.

2. Problem location

First check the OpenSSH version:

$ ssh -V
OpenSSH_8.9p1 Ubuntu-3ubuntu0.1, OpenSSL 3.0.2 15 Mar 2022

Check /var/log/auth.logthe file and find the following error message:

sshd[2648]: userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]

According to the error message, authorized_keysthe SSH public key type filled in the file is ssh-rsa type, which is an unsupported public key type. This limit should be increased in higher versions of SSH.

View supported public key types:

$ sudo sshd -T | egrep "pubkey"
pubkeyauthentication yes
pubkeyacceptedalgorithms [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],rsa-sha2-512,rsa-sha2-256
pubkeyauthoptions none

3. Solutions

Know the cause of the problem, the problem is easy to solve.

3.1 Scheme 1

Regenerate the OpenSSH public and private keys using a supported public key type, such as using ed25519.

Use ssh-keygenthe command to generate ed25519public and private keys as follows:

$ ssh-keygen -t ed25519 # 默认生成到~/.ssh/ 目录下,默认文件名为:id_ed25519 和 id_ed25519.pub
$ ssh-keygen -t ed25519 -f test # 生成文件到当前目录,文件名为:test 和 test.pub

3.2 Scheme 2

Modify the sshd configuration file /etc/ssh/sshd_configto pubkeyacceptedalgorithmssupport ssh-rsathe public key type.

Modification method: /etc/ssh/sshd_configadd a line at the end of the filePubkeyAcceptedAlgorithms +ssh-rsa

$ sudo echo "PubkeyAcceptedAlgorithms +ssh-rsa" >> /etc/ssh/sshd_config
$
$ tail /etc/ssh/sshd_config
Subsystem	sftp	/usr/lib/openssh/sftp-server

# Example of overriding settings on a per-user basis
#Match User anoncvs
#	X11Forwarding no
#	AllowTcpForwarding no
#	PermitTTY no
#	ForceCommand cvs server

PubkeyAcceptedAlgorithms +ssh-rsa

After modifying /etc/ssh/sshd_configthe configuration file, you need to restart the sshd service, executesudo systemctl restart sshd.service

Guess you like

Origin blog.csdn.net/ljz0929/article/details/129759705
Recommended
The United States plans to restrict the export of large AI models to China and Russia
Apple to reach agreement with OpenAI to bring ChatGPT to iPhone
Ranking
whisper-webui installation tutorial is silky and easy to use
[Base] Laravel concepts laravel basis, the custom service provider: Contracts, ServiceContainer, ServiceProvider, Facades relations
Import torchvision error problem solving DLL: module not found
observer & watch & notify = pub & sub
A small turntable program [HTML + CSS + JS]
CorelDRAW 2018 shortcuts Daquan
Supervise el botón de menú para lograr un gatillo de presión prolongada
JS将时间秒转换成天小时分钟秒的字符串
RIP basic configuration
[Deleted] solution to a problem a few questions (Noip1994)
Daily
More
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)

Code World

© 2018 codetd.com