So I add the line PubkeyAcceptedKeyTypes +ssh-dss to my opensshd_config file. When I restart sshd, I am told that May 11 09:33:14 pickles systemd: Started OpenSSH Server Key Generation. May 11 09:33:14 pickles systemd: Started OpenSSH server daemon. May 11 09:33:14 pickles systemd: Starting OpenSSH server daemon... May 11 09:33:14 pickles sshd: /etc/ssh/sshd_config: line 156: Bad configuration option: PubkeyAcceptedKeyTypes May 11 09:33:14 pickles sshd: /etc/ssh/sshd_config: terminating, 1 bad configuration options May 11 09:33:14 pickles systemd: sshd.service: main process exited, code=exited, status=255/n/a May 11 09:33:14 pickles systemd: Unit sshd.service entered failed state. May 11 09:33:14 pickles systemd: sshd.service failed. Don't think I made a typo but that has not been the first time. What else could I be missing here? This is openssh 6.6.1 in RHELS 7.2
Unless it was backported "PubkeyAcceptedKeyTypes" it only exists in 7.0+ OpenSSH. From OpenSSH 7.0 release notes: "New Features ------------ * ssh_config(5): add PubkeyAcceptedKeyTypes option to control which public key types are available for user authentication." - Ben Mauricio Tavares wrote:> So I add the line > > PubkeyAcceptedKeyTypes +ssh-dss > > to my opensshd_config file. When I restart sshd, I am told that > > May 11 09:33:14 pickles systemd: Started OpenSSH Server Key Generation. > May 11 09:33:14 pickles systemd: Started OpenSSH server daemon. > May 11 09:33:14 pickles systemd: Starting OpenSSH server daemon... > May 11 09:33:14 pickles sshd: /etc/ssh/sshd_config: line 156: Bad > configuration option: PubkeyAcceptedKeyTypes > May 11 09:33:14 pickles sshd: /etc/ssh/sshd_config: terminating, 1 bad > configuration options > May 11 09:33:14 pickles systemd: sshd.service: main process exited, > code=exited, status=255/n/a > May 11 09:33:14 pickles systemd: Unit sshd.service entered failed state. > May 11 09:33:14 pickles systemd: sshd.service failed. > > Don't think I made a typo but that has not been the first time. What > else could I be missing here? This is openssh 6.6.1 in RHELS 7.2 > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev at mindrot.org > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
On Wed, May 11, 2016 at 10:56 AM, Ben Lindstrom <mouring at eviladmin.org> wrote:> Unless it was backported "PubkeyAcceptedKeyTypes" it only exists in 7.0+ > OpenSSH. >Another mystery solved. Thanks! Is there a way to fake that in 6.6, specially within a match block?> From OpenSSH 7.0 release notes: > > "New Features > ------------ > > * ssh_config(5): add PubkeyAcceptedKeyTypes option to control which > public key types are available for user authentication." > > > - Ben > > Mauricio Tavares wrote: >> >> So I add the line >> >> PubkeyAcceptedKeyTypes +ssh-dss >> >> to my opensshd_config file. When I restart sshd, I am told that >> >> May 11 09:33:14 pickles systemd: Started OpenSSH Server Key Generation. >> May 11 09:33:14 pickles systemd: Started OpenSSH server daemon. >> May 11 09:33:14 pickles systemd: Starting OpenSSH server daemon... >> May 11 09:33:14 pickles sshd: /etc/ssh/sshd_config: line 156: Bad >> configuration option: PubkeyAcceptedKeyTypes >> May 11 09:33:14 pickles sshd: /etc/ssh/sshd_config: terminating, 1 bad >> configuration options >> May 11 09:33:14 pickles systemd: sshd.service: main process exited, >> code=exited, status=255/n/a >> May 11 09:33:14 pickles systemd: Unit sshd.service entered failed state. >> May 11 09:33:14 pickles systemd: sshd.service failed. >> >> Don't think I made a typo but that has not been the first time. What >> else could I be missing here? This is openssh 6.6.1 in RHELS 7.2 >> _______________________________________________ >> openssh-unix-dev mailing list >> openssh-unix-dev at mindrot.org >> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev > >
Seemingly Similar Threads
- [Bug 3213] New: openssh 8.3p1 will not use any type of RSA key for legacy servers if ssh-rsa is not in PubkeyAcceptedKeyTypes
- Adding a second lv as vm drive: how to set the pci part
- DSA key not accepted on CentOS even after enabling
- Try to login: permission denied
- [Bug 3253] New: ssh-keygen man page still lists deprecated key types for -t