oriolrius.cat

Des del 2000 compartiendo sobre…

Mikrotik passwordless SSH with public key

Reading time: 2 – 4 minutes

Following the instructions described in the official documentation:

https://wiki.mikrotik.com/wiki/Use_SSH_to_execute_commands_(public/private_key_login)

The process is as always as easy as:

# upload the id_rsa.pub file
# then import the public key file for the user used for connecting via SSH
user ssh-keys import public-key-file=id_rsa.pub user=admin-ssh
# and it's done.

Everything was OK with my WSL Ubuntu 20.04. (I added WSL at the beginning of the versions because it runs in Windows Subsystem Linux).

But, with the newest WSL Ubuntu 22.04 I was unsuccessful.

Being precise, the SSH versions are:

# WSL Ubuntu 20.04
$ ssh -V
OpenSSH_8.2p1 Ubuntu-4ubuntu0.5, OpenSSL 1.1.1f  31 Mar 2020

# WSL Ubuntu 22.04
$ ssh -V
OpenSSH_8.9p1 Ubuntu-3, OpenSSL 3.0.2 15 Mar 2022

After connecting with verbose details, I found this message, that was the key for solving the problem:

debug1: Offering public key: /home/my_user/.ssh/id_rsa RSA SHA256:2******************************Y agent
debug1: send_pubkey_test: no mutual signature algorithm

Then, I discovered that newest SSH versions aren’t compatible with Mikrotik SSH version. It seems that version isn’t enough newest and are incompatible with how public keys are negotiated at the beginning of the connection.

Finally, the solution was to use an extra parameter for establishing the connection:

ssh -o 'PubkeyAcceptedAlgorithms +ssh-rsa' THE_USER@THE_HOST

Of course, an alternative is using ~/.ssh/config file or the system file: /etc/ssh/ssh_config and add this parameter for everything, or specific hosts. For instance, like this:

Host JUST_A_NAME_OF_THE_CONNECTION
  Hostname THE_IP_ADDRESS_OR_HOSTNAME_OF_THE_TARGET_HOST
  user THE_USER
  PubkeyAcceptedAlgorithms +ssh-rsa

Comments are closed.

Últimas entradas

Avui ja n’he fet 20

Reading time: < 1 minute Aprofito aquesta entrada per comentar una nova efemèride s’ha produït avui mateix. Ja que després de 46 anys menys dos dies he visitat de nou l’hospital on vaig néixer. Aquest cop per fer-me unes radiografies

Leer más »

Resumen 2022

Reading time: 26 – 42 minutes El 2022 empezó esquiando en Candanchú. Un fin de año en familia y con una COVID que se iba despidiendo después de habernos cambiado la vida a todos. Hemos tenido la fortuna de que

Leer más »

Deploying gotop with Ansible

Reading time: 1 – 2 minutes Gotop is a terminal based graphical activity monitor inspired by gtop and vtop; it’s available at: https://github.com/xxxserxxx/gotop/ I published a role in Ansible Galaxy for deploying gotop in Linux servers. The role page in

Leer más »
Archivo