Thanks for the great work! On August 18, 2015 2:59:55 AM EDT, Lloyd Parkes <[email protected]> wrote: > >> On 18/08/2015, at 6:32 pm, marco <[email protected]> >wrote: >> /var/log/auth.log shows: >> >> 2015-08-18T06:27:38+00:00 00-1b-21-98-51-c1 sshd[67896]: [ID 800047 >> auth.info] rexec line 34: Deprecated option LookupClientHostnames >> 2015-08-18T06:27:38+00:00 00-1b-21-98-51-c1 sshd[67896]: [ID 800047 >> auth.info] rexec line 35: Deprecated option VerifyReverseMapping >> 2015-08-18T06:27:38+00:00 00-1b-21-98-51-c1 sshd[67896]: [ID 800047 >> auth.info] rexec line 107: Deprecated option MaxAuthTriesLog >> 2015-08-18T06:27:38+00:00 00-1b-21-98-51-c1 sshd[67896]: [ID 800047 >> auth.info] rexec line 135: Deprecated option RhostsAuthentication >> 2015-08-18T06:27:38+00:00 00-1b-21-98-51-c1 sshd[67896]: [ID 800047 >> auth.info] rexec line 151: Unsupported option GSSAPIAuthentication >> 2015-08-18T06:27:38+00:00 00-1b-21-98-51-c1 sshd[67896]: [ID 800047 >> auth.info] rexec line 152: Unsupported option GSSAPIKeyExchange >> 2015-08-18T06:27:38+00:00 00-1b-21-98-51-c1 sshd[67896]: [ID 800047 >> auth.info] WARNING: /var/ssh/moduli does not exist, using fixed >modulus >> 2015-08-18T06:27:39+00:00 00-1b-21-98-51-c1 sshd[67896]: [ID 800047 >> auth.info] reprocess config line 151: Unsupported option >> GSSAPIAuthentication >> 2015-08-18T06:27:39+00:00 00-1b-21-98-51-c1 sshd[67896]: [ID 800047 >> auth.info] reprocess config line 152: Unsupported option >> GSSAPIKeyExchange >> 2015-08-18T06:27:39+00:00 00-1b-21-98-51-c1 sshd[67896]: [ID 800047 >> auth.info] userauth_pubkey: key type ssh-dss not in >> PubkeyAcceptedKeyTypes [preauth] >> 2015-08-18T06:27:39+00:00 00-1b-21-98-51-c1 sshd[67896]: [ID 800047 >> auth.info] userauth_pubkey: key type ssh-dss not in >> PubkeyAcceptedKeyTypes [preauth] >> >> I'm guessing the last 2 lines is where it really goes wrong ? > > I’m guessing you are right. Some newer versions of OpenSSH have dropped > support for older insecure key types and DSA is one of them. I bet > that’s what "key type ssh-dss not in PubkeyAcceptedKeyTypes” means. > > I expect that you will need to generate new keys because this is just > the start. Make your keys nice big ones. > > Cheers, > Lloyd >
------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
