February 20, 20251 yr After upgrading the plugin SSH pubkey auth stopped working. The sshd_config looks fine , so do perms under .ssh for root. ❯ ssh -v root@tower OpenSSH_9.8p1, LibreSSL 3.3.6 debug1: Reading configuration data /Users/jsorondo/.ssh/config debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 21: include /etc/ssh/ssh_config.d/* matched no files debug1: /etc/ssh/ssh_config line 54: Applying options for * debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling debug1: Connecting to tower port 22. debug1: Connection established. debug1: identity file /Users/jsorondo/.ssh/id_rsa type 0 debug1: identity file /Users/jsorondo/.ssh/id_rsa-cert type -1 debug1: identity file /Users/jsorondo/.ssh/id_ecdsa type 2 debug1: identity file /Users/jsorondo/.ssh/id_ecdsa-cert type -1 debug1: identity file /Users/jsorondo/.ssh/id_ecdsa_sk type -1 debug1: identity file /Users/jsorondo/.ssh/id_ecdsa_sk-cert type -1 debug1: identity file /Users/jsorondo/.ssh/id_ed25519 type -1 debug1: identity file /Users/jsorondo/.ssh/id_ed25519-cert type -1 debug1: identity file /Users/jsorondo/.ssh/id_ed25519_sk type -1 debug1: identity file /Users/jsorondo/.ssh/id_ed25519_sk-cert type -1 debug1: identity file /Users/jsorondo/.ssh/id_xmss type -1 debug1: identity file /Users/jsorondo/.ssh/id_xmss-cert type -1 debug1: identity file /Users/jsorondo/.ssh/id_dsa type -1 debug1: identity file /Users/jsorondo/.ssh/id_dsa-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_9.8 debug1: Remote protocol version 2.0, remote software version OpenSSH_9.9 debug1: compat_banner: match: OpenSSH_9.9 pat OpenSSH* compat 0x04000000 debug1: Authenticating to tower:22 as 'root' debug1: load_hostkeys: fopen /Users/jsorondo/.ssh/known_hosts2: No such file or directory debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: [email protected] debug1: kex: host key algorithm: ecdsa-sha2-nistp256 debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: SSH2_MSG_KEX_ECDH_REPLY received debug1: Server host key: ecdsa-sha2-nistp256 SHA256:UgF6totHcRV1mv091lySmWY3k6GCwl3XalVG151PYPQ debug1: load_hostkeys: fopen /Users/jsorondo/.ssh/known_hosts2: No such file or directory debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory debug1: Host 'tower' is known and matches the ECDSA host key. debug1: Found key in /Users/jsorondo/.ssh/known_hosts:1 debug1: ssh_packet_send2_wrapped: resetting send seqnr 3 debug1: rekey out after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: Sending SSH2_MSG_EXT_INFO debug1: expecting SSH2_MSG_NEWKEYS debug1: ssh_packet_read_poll2: resetting read seqnr 3 debug1: SSH2_MSG_NEWKEYS received debug1: rekey in after 134217728 blocks debug1: SSH2_MSG_EXT_INFO received debug1: kex_ext_info_client_parse: server-sig-algs=<ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,rsa-sha2-512,rsa-sha2-256> debug1: kex_ext_info_check_ver: [email protected]=<0> debug1: kex_ext_info_check_ver: [email protected]=<0> debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: SSH2_MSG_EXT_INFO received debug1: kex_ext_info_client_parse: server-sig-algs=<ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,rsa-sha2-512,rsa-sha2-256> debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: publickey debug1: get_agent_identities: bound agent to hostkey debug1: get_agent_identities: agent returned 1 keys debug1: Will attempt key: /Users/jsorondo/.ssh/id_ecdsa ECDSA SHA256:cb7Y7E1XvjOsM9ukcsMuVfFY+NSdNGgtJZRB2c+bMBY agent debug1: Will attempt key: /Users/jsorondo/.ssh/id_rsa RSA SHA256:uYNTEgGbMMUQIwmMFqNdvGWL3R0wd5EgB5l09yuMoBM debug1: Will attempt key: /Users/jsorondo/.ssh/id_ecdsa_sk debug1: Will attempt key: /Users/jsorondo/.ssh/id_ed25519 debug1: Will attempt key: /Users/jsorondo/.ssh/id_ed25519_sk debug1: Will attempt key: /Users/jsorondo/.ssh/id_xmss debug1: Will attempt key: /Users/jsorondo/.ssh/id_dsa debug1: Offering public key: /Users/jsorondo/.ssh/id_ecdsa ECDSA SHA256:cb7Y7E1XvjOsM9ukcsMuVfFY+NSdNGgtJZRB2c+bMBY agent debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Offering public key: /Users/jsorondo/.ssh/id_rsa RSA SHA256:uYNTEgGbMMUQIwmMFqNdvGWL3R0wd5EgB5l09yuMoBM debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Trying private key: /Users/jsorondo/.ssh/id_ecdsa_sk debug1: Trying private key: /Users/jsorondo/.ssh/id_ed25519 debug1: Trying private key: /Users/jsorondo/.ssh/id_ed25519_sk debug1: Trying private key: /Users/jsorondo/.ssh/id_xmss debug1: Trying private key: /Users/jsorondo/.ssh/id_dsa debug1: Next authentication method: keyboard-interactive (root@tower) Password:
February 20, 20251 yr dude i thought it was just me. will investigate, but i currently have no idea why this is happening or what could have caused this. this might have been happening since the 2025.02.06 release. apologies if this breaks yours or anyone else's workflow. fwiw, it also breaks mine.
February 21, 20251 yr Just spent a couple hours thinking I was going crazy and doing something wrong. Of course this happens the day after I upgrade the backup server (which connects via ssh) so I was looking there for the problem.... Well glad I'm done troubleshooting and can wait until this is resolved 😅
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.