11/3/2016 - 11:22 AM

Issus with the new OpenSSH in Sierra Mac Os X

Issus with the new OpenSSH in Sierra Mac Os X

Upgrade of OpenSSH in mac os x sierra to: OpenSSH_7.2p2, LibreSSL 2.4.1 give rise to authentication problems with private keys

The turn around:

Create a config file in ~/.ssh/config and add:

AddKeysToAgent yes

Note that the second line was a suggestion that worked. Another turn around was not using dsa key anymore and come back to rsa

Ultimately, I switched from a DSA key to a 2048 bit RSA key (ssh-keygen -t rsa -b 2048), although you could add something like PubkeyAcceptedKeyTypes=+ssh-dss to your config file (not tested) (http://stackoverflow.com/questions/39715135/problems-deploying-code-with-capistrano-since-upgrading-to-macos-10-12-sierra)

Note also that the AddKeysToAgent yes line was ALSO added to /etc/ssh/ssh_config (as root), but I don't know whether it is also required.

Finally, remember that this issue led me to change the ssh public key in the ifb cloud settings. I have no idea why this new public key is not taken into account since my macbook air which is still in El Capitan and has no new "ifb_dsa" can connect to ifb vm...

Now I get the issue expected from the remark above ! the new ifb_dsa key started with new ifb instances...

to fix this ssh-add ~/.ssh/ifb_dsa