Fixing dropbear ssh Permission denied (publickey) error

Remote unlocking of full disk encryption via dropbear-ssh stopped worked on one machine. I still don’t know why, as it continues to work on numerous other machines, despite all being built from the same image. But oh well.

It’s an ssh issue:

Permission denied (publickey)

Attempting to connect via ssh with additional debug options -vvvv gave me:

debug1: send_pubkey_test: no mutual signature algorithm

Which I think means that OpenSSL on my laptop doesn’t, by default, use RSA SHA-1 anymore.

I tried re-keying using ssh-keygen, but no change.

I tried re-keying using ED25519, but dropbear does not support this (or, at least, the version available to Raspberry Pi OS does not).

So I went for a workaround. I added

PubkeyAcceptedKeyTypes +ssh-rsa

to the host’s entry in ~/.ssh/config, and it worked.