After a recent Ubuntu upgrade, one of my frequented remote servers stopped accepting my public key and was prompting me for my password. The password is gross and unwieldy and I was most put-out, I must say. So, I googled the title of this post. Mostly suggestions to check the permissions of various files. All of mine were locked tight to user-only, including my home directory.
Of course, I'd already tried
ssh -vvv to get all the debugging output. Unfortunately, I zoomed in on the following message:
debug1: Next authentication method: publickey debug2: we did not send a packet, disable method
Instead of this one a little further up:
debug1: Skipping ssh-dss key /home/ME/.ssh/keyfiles/ME.key - not in PubkeyAcceptedKeyTypes
Rather than add ssh-dss to the supported types, I just created a new key with
ssh-copy-id later, everything worked.
... except when it didn't. Adding the following to
~/.ssh/config</tt for the offending host worked:
Host refuses-my-agent-keys.jerkass.com PubkeyAcceptedKeyTypes +ssh-dss
After a recent Ubuntu upgrade on my home machine, ssh attempts to it from the VirtualBox instance at work stopped working. Here's what ssh spewed back at me:
no matching cipher found: client blowfish-cbc,arcfour server aes128-ctr,aes192-ctr,aes256-ctr,firstname.lastname@example.org,email@example.com,firstname.lastname@example.org
Impatient, I just logged in from another machine. The VM runs CentOS 5.10 so that its environment is comparable with what [used to be] present on the majority of our production servers. I'm an anti-RedHat bigot in the first place, and didn't want to hunt down repos and upgrade my ssh.
That was not necessary. The problem was a "Ciphers" line I'd added to my ~/.ssh/config, intended to prefer ("Googallegedly") faster encryption methods. Adding all but those that resemble email addresses seems to have fixed the issue. My "Ciphers" line now looks like this:
Host * Ciphers blowfish-cbc,arcfour,aes128-ctr,aes192-ctr,aes256-ctr
The ciphers may be defined in your system /etc/ssh/ssh_config. Check around. If you can't find it anywhere, try this:
sudo find ~/.[a-z]* /etc -path '*ssh*' -type f | sudo xargs fgrep Cipher
Anyway, that was my fix. Right on in, easy-peasy lemon-squeezy.