After 2.4 upgrade: SSH PubkeyAuth does not working
-
Hello,
after upgrading to 2.4 I cant login with ssh:
Oct 21 08:30:26 sshd 67507 Disconnected from XXX port 52538 [preauth]
Oct 21 08:30:26 sshd 67507 error: Received disconnect from XXX port 52538:14: No supported authentication methods available [preauth]
Oct 21 08:30:26 sshd 67507 userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth]ts the same behaviour on two differenct pfsense boxed and on the Client Side I didnt changed anything. The ssh key is placed in the settings of the "admin" user.
Authentication Method
Disable password login for Secure Shell (RSA/DSA key only)Best Regards
-
What ssh client are you using? And what version of pfsense were you on before?
Pfsense has updated the version of openssh it runs.. So yeah back in 7.0 this was turned off
userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth]
http://www.openssh.com/txt/release-7.0
- Support for ssh-dss, ssh-dss-cert-* host and user keys is disabled by default at run-time. These may be re-enabled using the instructions at http://www.openssh.com/legacy.html
What I would suggest is you just create new key types to keep up with the times.. I use ed25519 which current and has been available since 6.5 of ssh.
Or you could enable it again via edit of the sshd_config.. But better to just update keys and clients to be current standards.
Yeah the (RSA/DSA key only) text should be updated in the gui.. Can put in a bug report on that..
-
I updated from the last version.. 2.3.x …
okay, yes this is the reason, I use old keys..
thanks!