Question

ssh refused: sshd[2444]: userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth]

Posted April 27, 2016 66k views
SecurityConfiguration ManagementUbuntu 16.04

If you just upgraded Ubuntu 15.04/10 to Ubuntu 16.04 LTS (or otherwise upgraded OpenSSH from v6.9 to v7.0 you may be getting the ssh refusal because of changes in OpenSSH.

I was specifically getting this error in the /var/log/auth.log (via Webmin): sshd[2444]: userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth].

For this specific error, you need to add “PubkeyAcceptedKeyTypes=+ssh-dss” (without the quotations) to the bottom of your /etc/ssh/sshd_config file.

See: https://superuser.com/questions/1016989/ssh-dsa-keys-no-longer-work-for-password-less-authentication?lq=1

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers

Add a comment so I can heart it. Can’t heart “Questions”, which is what your comment shows up as. Good catch!

As explained in that StackExchange question, the security of ssh-dss is disputed and it would be a wiser idea to generate one of the supported key types, like ssh-rsa or ssh-ed25519, rather than going against the software defaults.

Submit an Answer