Ubuntu

openssh-server doesn't accept aes256-cbc key

Asked by Pavol Gono

I am using putty connection with RSA key cached in pageant and want to login without password.

Private key on windows:
PuTTY-User-Key-File-2: ssh-rsa
Encryption: aes256-cbc
...

On ubuntu there is public key in .ssh/authorized_keys
ssh-rsa AAAAB3Nz...JBjQ== palo@winpgnotas

This key worked well in ubuntu versions 14.04...17.10
When I tried 18.04 beta, I am getting sshd error:
mar 15 10:26:21 ubox sshd[5205]: error: userauth_pubkey: could not parse key: Invalid key length [preauth]
and I have to provide password.

I've found that aes256-cbc is not in the list of allowed ciphers by default, so I added
Ciphers +aes256-cbc
to /etc/ssh/sshd_config
(and verified with nmap --script ssh2-enum-algos -sV -p 22 127.0.0.1)
but this didn't help.

Is this bug or another config setting is needed to allow aes256-cbc key?

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
actionparsnip (andrew-woodhead666) said : 		#1

I suggest you report a bug. Bionic is not ready and not stable

Can you help with this problem?

Provide an answer of your own, or ask Pavol Gono for more information if necessary.

To post a message you must log in.