userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms

When login to an Ubuntu 22.04 server using FileZilla SFTP, got login failed error.

Status:	Connecting to 51.38.246.115:3333...
Response:	fzSftp started, protocol_version=9
Command:	keyfile "/home/boby/.ssh/id_rsa"
Command:	open "root@51.38.246.115" 3333
Command:	Trust new Hostkey: Once
Command:	Pass: 
Error:	Authentication failed.
Error:	Critical error: Could not connect to server
Status:	Disconnected from server

Status: Connecting to 51.38.246.115:3333...

Response: fzSftp started, protocol_version=9

Command: keyfile "/home/boby/.ssh/id_rsa"

Command: open "[email protected]" 3333

Command: Trust new Hostkey: Once

Command: Pass:

Error: Authentication failed.

Error: Critical error: Could not connect to server

Status: Disconnected from server

On checking /var/log/auth.log, found the following error message.

sshd[8916]: userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]
sshd[8916]: Connection closed by authenticating user root MY_IP_ADDR port 56559 [preauth]

1 2	sshd[8916]: userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth] sshd[8916]: Connection closed by authenticating user root MY_IP_ADDR port 56559 [preauth]

The error “ssh-rsa not in PubkeyAcceptedAlgorithms” happens when trying to connect to a server which only support more secure algorithm, such as SHA-256 or better.

To fix the error, edit file

vi /etc/ssh/sshd_config

1	vi /etc/ssh/sshd_config

At the end of the file, add

PubkeyAcceptedAlgorithms +ssh-rsa

1	PubkeyAcceptedAlgorithms +ssh-rsa

Restart sshd

systemctl restart sshd

1	systemctl restart sshd

To view currently supported Algorithms, run

sshd -T | grep -i pubkeyacceptedkeytypes

1	sshd -T \| grep -i pubkeyacceptedkeytypes

key type ssh-rsa not in PubkeyAcceptedAlgorithms

You can use pubkeyacceptedkeytypes instead of PubkeyAcceptedAlgorithms in /etc/ssh/sshd_config

Back to SSH

Leave a Reply Cancel reply