Skip to Content

ssh-dss error while modifying user

How to fix "userauth_pubkey: signature algorithm ssh-dss not in PubkeyAcceptedAlgorithms"

  1. Login to server and tail /var/log/secure to check errors. Refer below example.

[email protected] ~]# tail -f /var/log/auth.log

userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth]

2. Run the following command to see which all key types are enabled on the server.

[email protected]:~# sshd -T | grep -i key

pubkeyacceptedkeytypes [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],ssh-ed25519,[email protected],rsa-sha2-512,rsa-sha2-256,ssh-rsa

3. Open /etc/ssh/sshd_config and append the below line to enable ssh-dss.

[email protected] ~]# vim /etc/ssh/sshd_config

PubkeyAcceptedKeyTypes +ssh-dss

[email protected] ~]# systemctl restart sshd

4. Re-run the below command and confirm that ssh-dss has been enabled.

[email protected]:~# sshd -T | grep -i key

5. Try to modify the user now and confirm it's working fine.


Related articles