Last Updated: February 25, 2016
·
17.17K
· rompetroll

when openssh 7 blocks your public-key

#ssh
#openssh

So this happened to my today, after upgrading to openssh 7

git pull
Permission denied (publickey).

After some debugging, I found the following line in the output of ssh -vvv <host>

debug1: Skipping ssh-dss key /home/<user>/.ssh/id_dsa for not in PubkeyAcceptedKeyTypes

So apparently my dsa key is not considered secure anymore. But luckily the debug message also points to the solution ... adding this to ~/.ssh/config helps:

PubkeyAcceptedKeyTypes ssh-dss

That being said, the proper solution would probably be to get a new pair of keys.

#ssh
#openssh

Written by Sven Eigenbrodt

Say Thanks
Respond

Related protips

Using the latest SSH from Homebrew on OSX

17.05K
1

Virtual SSH-Hosts

1.034K
0

Agent admitted failure to sign using the key ssh

560
0

4 Responses
Add your response

purejava

Thank you for writing this. It saved me a lot of time.

over 1 year ago ·
sumdog

I got this too, but why? Is there a security advisory about DSA keys? Have they been broken?

over 1 year ago ·
mfalkvidd

Thanks! I guess it is time to upgrade my router to something that supports more modern key exchanges.

over 1 year ago ·
vitocosan

Thanks Sven
Very accurate tip... save me a lot of time ;)

Cheers!!
Victor Varela

over 1 year ago ·

Have a fresh tip? Share with Coderwall community!

Post
Post a tip
Best #Ssh Authors
cheglastgnat
303.2K
#ssh
#Python
#shell
mejt
132.1K
#ssh
#angular
#node.js
sheerun
105.5K
#ssh
#ruby
#coffeescript
wkjagt
98.12K
#ssh
#PHP
#JavaScript
mattwillsh
73.81K
#ssh
#Ruby
#Lua
Related Tags
#ssh
#openssh
Sponsored by
#native_company#
#native_desc#
#native_cta#
Filed Under
Tools
Awesome Job
See All Jobs
Post a job for only $299
Thanks to our sponsor
Sponsored by #native_company# — Learn More
#native_title# #native_desc#
#native_cta#