Question & Answer
Question
Why does passwordless/public key authentication stop working after I upgrade from an earlier version of OpenSSH to OpenSSH 7.1?
Answer
Starting with the 7.0 release of OpenSSH, support for DSA keys has been disabled by default at run time due to their inherit weakness. If you rely on these key types, you will have to take corrective action or risk being locked out.
Your best option is to generate new keys using strong algorithms such as RSA or ECDSA or ED25519. RSA keys will give you the greatest portability with other clients/servers while ed25519 will get you the best security with OpenSSH.
[{"Product":{"code":"SWG10","label":"AIX"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Component":"--","Platform":[{"code":"PF002","label":"AIX"}],"Version":"5.3;6.1;7.1;Version Independent","Edition":"","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}}]
Was this topic helpful?
Document Information
Modified date:
17 June 2018
UID
isg3T1024993