Fixing dropbear ssh Permission denied (publickey) error
Remote unlocking of full disk encryption via dropbear-ssh stopped worked on one machine. I still don’t know why, as it continues to work on numerous other machines, despite all being built from the same image. But oh well.
It’s an ssh issue:
Permission denied (publickey)
Attempting to connect via ssh with additional debug options -vvvv gave me:
debug1: send_pubkey_test: no mutual signature algorithm
Which I think means that OpenSSL on my laptop doesn’t, by default, use RSA SHA-1 anymore.
I tried re-keying using ssh-keygen, but no change.
I tried re-keying using ED25519, but dropbear does not support this (or, at least, the version available to Raspberry Pi OS does not).
So I went for a workaround. I added
PubkeyAcceptedKeyTypes +ssh-rsa
to the host’s entry in ~/.ssh/config, and it worked.
You may also like:
- Unlocking a LUKS-encrypted partition via ssh on Debian 12 Bookworm
- Unwanted spam on Ubuntu ssh login (and how to stop it)
- Snikket, a self-contained XMPP distribution
- GSConnect (KDE Connect), WireGuard, and Debian 12 Bookworm
- NetworkManager: automatically switch between Ethernet and Wi-Fi
- Fixing sogo's 'incorrect string value' error
- Updating the LUKS key derivation function on Debian
- Backing up to a USB stick automatically via udev
- Fixing espanso incomplete text replacement
- Automating actions in Nautilus (GNOME's file manager) with scripts
- Jabra Evolve2 40 and Debian Linux
- Debian on a £190 Lenovo ThinkPad X1 Yoga Gen 2
- Enabling Webauthn in Firefox via snap
- Decrapifying (mostly) an Amazon Fire 8 HD Kids tablet via Linux
- Microsoft SurfaceBook 2 running Debian Linux working with two 4K screens