NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: bin/50148: new ssh does not work at all
The following reply was made to PR bin/50148; it has been noted by GNATS.
From: Martin Husemann <martin%duskware.de@localhost>
To: John Nemeth <jnemeth%cue.bc.ca@localhost>
Cc: gnats-bugs%NetBSD.org@localhost
Subject: Re: bin/50148: new ssh does not work at all
Date: Fri, 14 Aug 2015 09:58:12 +0200
On Fri, Aug 14, 2015 at 12:55:19AM -0700, John Nemeth wrote:
> * Support for ssh-dss, ssh-dss-cert-* host and user keys is disabled
> by default at run-time. These may be re-enabled using the
> instructions at http://www.openssh.com/legacy.html
Indeed, this is the issue.
While the agent had an RSA1 key as well, that server only had the DSA
key as authorized_key.
So adding
PubkeyAcceptedKeyTypes +ssh-dss
to /etc/ssh/ssh_config worked around the issue for now.
Next step: regen some keys and update tons of authorized_keys files.
Stupid security facists!
This needs a VERY PROMINENT heads up somewhere.
Martin
Home |
Main Index |
Thread Index |
Old Index