ssh-rsa keys dont work on AlmaLinux

[Bartosz Kowalewski]

Hi.

After upgrading to AlmaLinux 9.x ssh-rsa keys stopped working.

example output:

Authentication failure connecting to node: "dev-keycloak01". Make sure your resource definitions and credentials are up to date.

Of course I can do ssh with rundeck user without any problem or run script from one node - but once I want to create job it stops working.

following bypass works on Ubuntu but not on Alma:

sshd config:

HostKeyAlgorithms +ssh-rsa
PubkeyAcceptedAlgorithms=+ssh-rsa

Any ideas? I'm not in the mood to replace keys on 200 servers ;/

Thanks

[rac...@rundeck.com]

Hi,

Could you try with SSHJ node executor instead default SSH? Like this thread.

Regards.

[Bartosz Kowalewski]

I am using sshj-ssh 0.1.7

everything worked on Ubuntu 20.xx and lower and Alma 8.x, but not on 9.x

--
You received this message because you are subscribed to the Google Groups "rundeck-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rundeck-discu...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rundeck-discuss/670a104e-afe3-4149-8639-b354c14c02a6n%40googlegroups.com.

[rac...@rundeck.com]

I see,

Another approach is to add the following line on your sshd_config file on the SSH target node and restart the SSH service:

PublickeyAcceptedKeysTypes +ssh-rsa

Also, check the openssh policies on the /etc/crypto-policies/back-ends/opensshserver.config file like this.

Regards.

​

[Bartosz Kowalewski]

Thanks, following command fixed issue :)

update-crypto-policies --set DEFAULT:SHA1 

To view this discussion on the web visit https://groups.google.com/d/msgid/rundeck-discuss/d869c8e0-d125-4ae6-aad4-b4e3197aac7en%40googlegroups.com.

[rac...@rundeck.com]

Great news then!

Cheers.