If you have Elastic Compute Service (ECS) instances that run operating systems such as Ubuntu and CentOS Stream 9, you may be unable to connect to the instances from specific types of SSH client (such as FinalShell and nuoshell clients) by using Rivest Shamir Adleman (RSA) keys. This topic describes how to resolve such an RSA key-based connection failure.
Background information
RSA is an asymmetric algorithm designed for public key cryptography and is widely used in e-commerce. Asymmetric algorithms use key pairs that consist of a public key and a private key, both of which are generated by the algorithm. By default, key pairs created in ECS use RSA encryption. For more information, see Overview.
RSA key-based connection failure to a Ubuntu 22.04 instance
Problem description
When you attempt to connect to a Ubuntu 22.04 instance from an SSH client (such as a FinalShell or nuoshell client) by using an RSA key, the SSH client returns a connection failure and the following sshd log data:
userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]
Cause
In recent operating system versions, OpenSSH disables the ssh-rsa signature scheme (RSA with SHA-1) by default, and an authentication attempt that uses this scheme fails. However, specific types of SSH client, such as FinalShell and nuoshell clients, support only ssh-rsa (RSA/SHA1) by default and are incompatible with rsa-sha2-256 (RSA/SHA256) or rsa-sha2-512 (RSA/SHA512). As a result, these types of SSH client cannot be used to connect to the instance. The RSA key pair itself is not rejected: a client that signs with rsa-sha2-256 or rsa-sha2-512 can still authenticate with the same key.
Solution
- Method 1: Use a different encryption method such as elliptic curve digital signature algorithm (ECDSA) or digital signature algorithm (DSA) encryption.
- Method 2: Use a different type of SSH client to connect to the instance, such as Workbench provided by Alibaba Cloud. For more information about how to connect to an instance by using Workbench, see Connection methods.
- Method 3: Run the following commands to allow the use of ssh-rsa (RSA/SHA1) in sshd configurations.
Important: ssh-rsa (RSA/SHA1) may pose security risks. Proceed with caution.
echo 'PubkeyAcceptedAlgorithms=+ssh-rsa' >> /etc/ssh/sshd_config
systemctl restart sshd
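The following shell helpers are an added example, not part of the original topic or of any Alibaba Cloud tooling. They wrap Method 3 so that the change is applied only once and the sshd configuration is validated with `sshd -t` before the restart; the log path, the config path and the sample log lines are assumptions.

```shell
#!/bin/sh
# Added example (not from the original page). Helpers around Method 3:
# count the sshd rejections, classify the effective algorithm list,
# append the setting idempotently, and validate before restarting.
# /etc/ssh/sshd_config and the auth log path are assumptions.

# Count sshd log lines that report the ssh-rsa (RSA/SHA-1) rejection.
# grep -c exits 1 when there are zero matches, so force success.
count_rsa_rejections() {
  grep -c 'key type ssh-rsa not in PubkeyAcceptedAlgorithms' "$1" || true
}

# Classify how the effective list treats RSA keys. The argument is the
# value part of the `sshd -T` output line `pubkeyacceptedalgorithms ...`.
# Prints one of: sha1-enabled | sha2-only | no-rsa
classify_rsa_support() {
  case ",$1," in
    *,ssh-rsa,*)   echo sha1-enabled ;;
    *,rsa-sha2-*)  echo sha2-only ;;
    *)             echo no-rsa ;;
  esac
}

# True if the config already has an uncommented PubkeyAcceptedAlgorithms
# line that mentions ssh-rsa, in either "key value" or "key=value" form.
config_allows_ssh_rsa() {
  grep -Eiq '^[[:space:]]*PubkeyAcceptedAlgorithms[[:space:]=]+.*ssh-rsa' "$1"
}

# Append the page's setting only once so repeated runs do not pile up
# lines. The space form is equivalent to the '=' form used on the page.
enable_ssh_rsa() {
  config_allows_ssh_rsa "$1" && return 0
  printf '%s\n' 'PubkeyAcceptedAlgorithms +ssh-rsa' >> "$1"
}

# Validate the config before restarting: a syntax error at this point
# would lock you out of the instance. Needs root and sshd; not run by
# the test.
apply_and_restart() {
  enable_ssh_rsa /etc/ssh/sshd_config
  sshd -t -f /etc/ssh/sshd_config && systemctl restart sshd
}
```

Run `sshd -T | grep -i pubkeyacceptedalgorithms` on the instance to obtain the input for `classify_rsa_support` and confirm whether the change took effect.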
RSA key-based connection failure to a CentOS Stream 9 instance or an instance that runs another operating system version
Affected operating system versions
- CentOS Stream 9
- AlmaLinux 9
- Rocky Linux 9
- Red Hat Enterprise Linux 9
- Fedora 33 and later
Problem description
When you attempt to connect to an instance that runs one of the preceding operating system versions from an SSH client (such as a FinalShell or nuoshell client) by using an RSA key, the SSH client returns a connection failure and the following sshd log data:
userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]
Cause
The default system-wide cryptographic policy of these operating system versions does not allow the ssh-rsa (RSA/SHA1) signature scheme that the preceding SSH clients use, so sshd rejects the signature even though the RSA key itself is valid. You can run the following command to view the current system cryptographic policy:
update-crypto-policies --show
Solution
- Method 1: Use a different encryption method such as ECDSA or DSA encryption.
- Method 2: Use a different type of SSH client to connect to the instance, such as Workbench provided by Alibaba Cloud. For more information about how to connect to an instance by using Workbench, see Connection methods.
- Method 3: Run the following commands to switch the cryptographic policy to the LEGACY level.
Important: The LEGACY policy may pose unknown security risks. Proceed with caution.
update-crypto-policies --set LEGACY
update-crypto-policies --show