A second machine is now failing to ssh in without a password only after a dnf system-upgrade --releasever=23. The machines being ssh-ed into are both on Fedora 22 (fully updated). But the machines that are ssh-ing in are on Fedora 23 (updated via dnf).
Is anyone else having this issue?
I posted the output of ssh -vvv earlier this morning but please let me know if additional information is needed to help me troubleshoot the problem.
Many thanks again! Ranjan
____________________________________________________________ FREE 3D EARTH SCREENSAVER - Watch the Earth right on your desktop! Check it out at http://www.inbox.com/earth
2015-11-04 0:06 GMT+02:00 Ranjan Maitra maitra.mbox.ignored@inbox.com:
A second machine is now failing to ssh in without a password only after a dnf system-upgrade --releasever=23. The machines being ssh-ed into are both on Fedora 22 (fully updated). But the machines that are ssh-ing in are on Fedora 23 (updated via dnf).
Is anyone else having this issue?
I posted the output of ssh -vvv earlier this morning but please let me know if additional information is needed to help me troubleshoot the problem.
Many thanks again! Ranjan
Which type of key do you use for auth on that host? DSA keys (not host yet) is deprecated now (PubkeyAcceptedKeyTypes). Check and confirm that correct keys are loaded ssh-add -K, or try to restart ssh agent using different auth socket, f.e in /var/tmp, also check each keyfile by logging in manually.
-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
On Wed, 4 Nov 2015 00:34:49 +0200 Alchemist raimiiic@gmail.com wrote:
2015-11-04 0:06 GMT+02:00 Ranjan Maitra maitra.mbox.ignored@inbox.com:
A second machine is now failing to ssh in without a password only after a dnf system-upgrade --releasever=23. The machines being ssh-ed into are both on Fedora 22 (fully updated). But the machines that are ssh-ing in are on Fedora 23 (updated via dnf).
Is anyone else having this issue?
I posted the output of ssh -vvv earlier this morning but please let me know if additional information is needed to help me troubleshoot the problem.
Many thanks again! Ranjan
Which type of key do you use for auth on that host? DSA keys (not host yet) is deprecated now (PubkeyAcceptedKeyTypes). Check and confirm that correct keys are loaded ssh-add -K, or try to restart ssh agent using different auth socket, f.e in /var/tmp, also check each keyfile by logging in manually.
Thanks! I guess I used dsa and rsa keys. So what kind of keys should I get? Is this change/deprecation detailed anywhere?
Many thanks again! Ranjan
____________________________________________________________ FREE 3D EARTH SCREENSAVER - Watch the Earth right on your desktop! Check it out at http://www.inbox.com/earth
2015-11-04 1:53 GMT+02:00 Ranjan Maitra maitra.mbox.ignored@inbox.com:
On Wed, 4 Nov 2015 00:34:49 +0200 Alchemist raimiiic@gmail.com wrote:
2015-11-04 0:06 GMT+02:00 Ranjan Maitra maitra.mbox.ignored@inbox.com:
A second machine is now failing to ssh in without a password only
after a
dnf system-upgrade --releasever=23. The machines being ssh-ed into are
both
on Fedora 22 (fully updated). But the machines that are ssh-ing in are
on
Fedora 23 (updated via dnf).
Is anyone else having this issue?
I posted the output of ssh -vvv earlier this morning but please let me know if additional information is needed to help me troubleshoot the problem.
Many thanks again! Ranjan
Which type of key do you use for auth on that host? DSA keys (not host
yet)
is deprecated now (PubkeyAcceptedKeyTypes). Check and confirm that
correct
keys are loaded ssh-add -K, or try to restart ssh agent using different auth socket, f.e in /var/tmp, also check each keyfile by logging in manually.
Thanks! I guess I used dsa and rsa keys. So what kind of keys should I get? Is this change/deprecation detailed anywhere?
Many thanks again! Ranjan
Yes it is detailed in OpenSSH 7.0 release notes. Users should drop DSA and switch to more secure keys. So if you are using DSA for auth on that host, try ssh -o "PubkeyAcceptedKeyTypes ssh-dss" remote.machine
FREE 3D EARTH SCREENSAVER - Watch the Earth right on your desktop! Check it out at http://www.inbox.com/earth
-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Which type of key do you use for auth on that host? DSA keys (not host
yet)
is deprecated now (PubkeyAcceptedKeyTypes). Check and confirm that
correct
keys are loaded ssh-add -K, or try to restart ssh agent using different auth socket, f.e in /var/tmp, also check each keyfile by logging in manually.
Thanks! I guess I used dsa and rsa keys. So what kind of keys should I get? Is this change/deprecation detailed anywhere?
Many thanks again! Ranjan
Yes it is detailed in OpenSSH 7.0 release notes. Users should drop DSA and switch to more secure keys. So if you are using DSA for auth on that host, try ssh -o "PubkeyAcceptedKeyTypes ssh-dss" remote.machine
Thanks! I got it going with ecdsa keys. (Thanks to your tip. I would not have been able to figure this out otherwise.)
Best wishes, Ranjan
____________________________________________________________ FREE 3D EARTH SCREENSAVER - Watch the Earth right on your desktop! Check it out at http://www.inbox.com/earth