2

I have set up an AlmaLinux9 server with SSHD. I have also generated a priv+pub key on my workstation, and when I check the algorithm used by my key it shows:

ssh-keygen -l -f myprivatekey.pem
2048 SHA256:p8qjW7xUG6CrB7I0edKIGoQarzHtTgqoHf7I32S7LcE testkey (RSA)

When I use this key to login from another AlmaLinux 9 workstation to the server, I can successfully login. When I try to use this same key from putty on a Windows client, the client says "Server refused our key", and the server secure log shows:

userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth] 

What exactly is using ssh-rsa algorithm? If my key algorithm is SHA256, which I think is rsa-sha2-256 (which is a modern and secure algorithm), why is the server complaining about "ssh-rsa"? I assume putty is using a separate algorithm for the session, and my putty settings show:

these ciphers

This post explains that putty uses a separate algorithm for the session, but where can I see what algorithm it is using? I think my screenshot from putty settings > advanced > ssh settings > encryption shows acceptable algorithms, but I don't see reference to ssh-rsa. So why is putty using ssh-rsa?

In case it's relevant, I'm using "extraPUTTY v0.30"

8
  • 4
    This question is similar to: Understanding ssh-rsa not in PubkeyAcceptedAlgorithms. If you believe it’s different, please edit the question, make it clear how it’s different and/or how the answers on that question are not helpful for your problem.
    – Ja1024
    Commented Sep 23, 2024 at 16:06
  • Question updated to focus on how to determine which algorithm putty is using
    – TSG
    Commented Sep 23, 2024 at 16:18
  • 2
    ExtraPuTTY 0.30 is over 9 years old, and it looks like the project has been abandoned entirely. You definitely need to update to a recent OpenSSH client.
    – Ja1024
    Commented Sep 23, 2024 at 16:34
  • Is there a way to see what encryption cipher ExtraPutty is using? I tried PuTTY 0.81 and it logs in fine, so there is some encryption algorithm being used by putty/extraputty, but the "Encryption Cipher Policy" on both looks identical. I can't figure out where I can find the encryption putty is using for the session
    – TSG
    Commented Sep 23, 2024 at 17:07
  • The encryption cypher policy is specifying the symmetric cypher to use for encrypting the tunnel once established. This has nothing to do with your issue.
    Commented Sep 23, 2024 at 19:12

1 Answer

1

There are lots of good pieces of information in the comments that I think create a complete answer to my question (and more). I'll summarize them here so any other newbies can understand the key concepts:

  • The public/private keys are encrypted with an encryption algorithm (in my case SHA256 with 2048-bit key)
  • The ssh client program authenticates to the sshd server with a key exchange algorithm (should be rsa-sha2-256 or rsa-sha2-512, older ssh-rsa may be refused and that was my problem)
  • Once the ssh client program has authenticated, it encrypts its communications with the sshd server using a cipher (as shown in the screenshot above), and this encrypted channel is the 'tunnel'

If I made a mistake/used the wrong term (cipher vs algorithm vs encryption) just comment and I'll revise. I think this answer will add some context for people still lost after reading this post.

2
  • 1
    How the private key is encrypted locally and the key exchange algorithm don’t matter in this case. In the context of keys, the identifier ssh-rsa stands for a raw RSA key pair. In the OpenSSH protocol, the key is used to calculate signatures. This requires the public-key algorithm like RSA to be combined with a hash algorithm. In the past, OpenSSH supported the combination of RSA with the SHA-1 hash algorithm and called this ssh-rsa as well. Since this combination is now obsolete, you instead have to use SHA-256 (rsa-sha2-256) or SHA-512 (rsa-sha2-512) as the hash algorithm.
    – Ja1024
    Commented Sep 24, 2024 at 17:19
  • It’s very unfortunate that OpenSSH uses the same name ssh-rsa for two different things: RSA public keys (which are perfectly fine) and RSA signatures based on SHA-1 (which is insecure and now obsolete). The latter should probably have been named rsa-sha1 instead to explicitly name the hash algorithm and make the identifier future-proof, but the OpenSSH designers/developers didn’t make that decision in the past.
    – Ja1024
    Commented Sep 24, 2024 at 17:20
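
The distinction drawn in the comments above, as an added example (not part of the original thread, and not OpenSSH or PuTTY code): the key blob always carries the key type `ssh-rsa`, the `SHA256:` in `ssh-keygen -l` output is only the fingerprint hash, and the server's policy is applied to the separate signature algorithm name the client sends. The modulus is a constructed placeholder, the accepted list is a constructed policy without `ssh-rsa`, and all function names are hypothetical.

```python
import base64
import hashlib
import struct

def ssh_string(data: bytes) -> bytes:
    """RFC 4251 'string': 4-byte big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data

def read_string(buf: bytes, off: int = 0):
    """Read one RFC 4251 string; return (value, next offset)."""
    (n,) = struct.unpack_from(">I", buf, off)
    return buf[off + 4:off + 4 + n], off + 4 + n

def rsa_key_blob(e: int, n: int) -> bytes:
    """RFC 4253 RSA public key blob: string "ssh-rsa", mpint e, mpint n."""
    def mpint(v: int) -> bytes:
        return ssh_string(v.to_bytes(v.bit_length() // 8 + 1, "big"))
    return ssh_string(b"ssh-rsa") + mpint(e) + mpint(n)

def fingerprint(blob: bytes) -> str:
    """Fingerprint as ssh-keygen -l prints it: a hash of the key blob.
    It says nothing about which signature algorithm a client will use."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

# Constructed server policy (assumption): SHA-1 based "ssh-rsa" is absent.
ACCEPTED = ["ssh-ed25519", "rsa-sha2-512", "rsa-sha2-256"]

def server_check(sig_alg: str, key_blob: bytes, accepted=ACCEPTED) -> str:
    """Simplified model of the check behind the log line in the question:
    the policy is matched against the algorithm name sent in the
    authentication request, not against the key type inside the blob."""
    key_type, _ = read_string(key_blob)
    if sig_alg not in accepted:
        return f"refused: key type {sig_alg} not in PubkeyAcceptedAlgorithms"
    return f"accepted: {key_type.decode()} key, signature algorithm {sig_alg}"

# Constructed 2048-bit placeholder modulus, not a real key.
SAMPLE_BLOB = rsa_key_blob(65537, (1 << 2047) | 12345)

if __name__ == "__main__":
    print(fingerprint(SAMPLE_BLOB))
    # Same key, two clients: an old one offering SHA-1, a current one SHA-256.
    for alg in ("ssh-rsa", "rsa-sha2-256"):
        print(server_check(alg, SAMPLE_BLOB))
```
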
