Re: Try to login: permission denied

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Thu, 2018-11-22 at 04:56 +0100, Stef Bon wrote:
> When I remove the
> 
> PubkeyAcceptedKeyTypes ssh-rsa
> 
> setting, I'm able to login. Huhh I've been always able to login this
> way. I see a message about the semantics has been changed, but maybe
> more has been changed...
> I think - but that is a wild guess - that the client asks it can use
> the new rsa-sha2-256/512 methods, server cannot support these cause
> these are not listed in the PubkeyAcceptedKeyTypes parameter and
> disconnects.

Yes, you are right. If you specify this option, the server will reject
all the other public key algorithms, but RSA keys are using the SHA2
signatures for some time already and they use different "signature
type", but only recent update made this enforced (see the release notes
for OpenSSH 7.8 [1]).

[1] http://www.openssh.com/txt/release-7.8

Regards,
-- 
Jakub Jelen
Software Engineer
Security Technologies
Red Hat, Inc.

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux