On 12 May 2016 at 23:53, Ed Smith-Rowland wrote: > I recently upgraded to Ubuntu Xenial and my because the supported OpenSSH no > longer supports DSA my gnu keys no longer work. > > Trying to fix it involved so many false starts that I am now blocked: > > ed@bad-horse:~$ svn update gcc > Updating 'gcc': > Received disconnect from 209.132.180.131 port 22:2: Too many authentication > failures for emsr > Connection to gcc.gnu.org closed by remote host. > svn: E170013: Unable to connect to a repository at URL > 'svn+ssh://emsr@xxxxxxxxxxx/svn/gcc/trunk' > svn: E210002: To better debug SSH connection problems, remove the -q option > from 'ssh' in the [tunnels] section of your Subversion configuration file. > svn: E210002: Network connection closed unexpectedly > ed@bad-horse:~$ > > I would like to be unlocked and to register this key only: > ssh-rsa > AAAAB3NzaC1yc2EAAAADAQABAAABAQDCJHxK+znyU4A1gKsFE18bL+3lEyzXZOo+peBDJF/PKpJrBvQY2DW85UNH3SJmmIfypc4th5RiSNjZJLiKKclUYmnTa75L5N1V2X3d5w1Axx0LM9/2GDkLZLdsXRCmGQ5Dr0UWdxCws8JPV5Sb/+RiEr5HcInnggX7vzhiWTCxaoRYIgtJJoEosfuYNHIZ9JEIvAyPm/cc0dC2t/1a2GPlJK0e+0xdwij3zD19a0vUGtddHdPZISZCWhhMLLvp2F4ZPuVrPrzdz55VoBvik/eDO29WvulRGcsoasCkmHYJsbJtUlHjYYFymte/mSkSYaAsQA0ZgMZFrnB9ylAe3Wrd > ed@bad-horse > > If, after unlocking, there's a page or webform that will allow me to manage > ssh keys point me there and I'll set my own keys. I don't think anything is locked "Too many authentication failures" just means too many for that connection attempt, usually because it tried a bunch of keys that didn't work, but it doesn't lock you out. The DSA key is probably being blocked by your new openssh client, but it almost certainly still supports DSA, just disables it by default. So try altering your ~/.ssh/config to allow it: Host gcc.gnu.org PubkeyAcceptedKeyTypes ssh-dss,ssh-rsa That should let you in. Ideally you'll still want to replace your existing DSA pubkey with an RSA one, so you don't need to tell you client to allow DSA keys, but if you don't have shell access then I think you need to ask overseers@gcc to update your authorized_keys file.
