Every time I run ssh, ssh prompts "password:" with latest OpenSSH package.

Andrew DeFaria Andrew@DeFaria.com
Tue Sep 8 19:44:00 GMT 2015


On 09/02/2015 08:48 PM, Andrey Repin wrote:
> Greetings, Hiroyuki Kurokawa!
>
>> Thanks Andrey for reply to my question.
>
>> George gave me an advice by a direct mail.
>> And his instruction solve my problem.
>
>>> If you use dsa key type, you need to add to your ssh client configuration file, either ~/.ssh/config or /etc/ssh_config, the following parameter:
>>>
>>> PubkeyAcceptedKeyTypes +ssh-dss
>>>
>>> If you use some other key type, then 'ssh -Q key' will list all supported key types, pick the right one and put it into config file instead of ssh-dss.
>>>
>>> I had the same problem after the last ssh upgrade.
>
>> Now the latest ssh works fine with ~/.ssh/config which contains
>> "PubkeyAcceptedKeyTypes +ssh-dss" because a type of my key is DSA.
>
>> I appreciate George so much.
>
> This is not the right solution. Right solution would be to change your keys.
> While DSA keys aren't inherently insecure (quite opposite), FIPS compliant
> systems enforce DSA key length to 1024 bits, which is considered to be weak
> nowadays. You CAN use longer DSA keys, but not all systems support it.

Or perhaps use ecdsa? ssh-keygen -t ecdsa

-- 
<a href="http://defaria.com">Andrew DeFaria</a><br>
<a href="http://clearscm.com">ClearSCM, Inc.</a><br>


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple



More information about the Cygwin mailing list