Make sure that your key algorithm of choice is supported.
On Ubuntu 20.04 or later you must explicitly allow the use of the ssh-rsa algorithm. Add the following line to your OpenSSH daemon file (which is either `/etc/ssh/sshd_config` or a drop-in file under
Make sure that your key algorithm of choice is supported. On Ubuntu 20.04 or later you must explicitly allow the use of the ssh-rsa algorithm. Add the following line to your OpenSSH daemon file (which is either `/etc/ssh/sshd_config` or a drop-in file under
`/etc/ssh/sshd_config.d/`):
```
```bash
CASignatureAlgorithms +ssh-rsa
```
Alternatively, `ed25519` keys are accepted by default in OpenSSH. You could use this instead of rsa if needed:
```bash
ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```
@ -375,7 +376,7 @@ Host FooServer
#### Protecting a Private Key
The purpose of the passphrase is usually to encrypt the private key.
This makes the key file by itself useless to an attacker.
This makes the key file by itself useless to an attacker.
It is not uncommon for files to leak from backups or decommissioned hardware, and hackers commonly exfiltrate files from compromised systems.
```diff
@ -418,25 +419,6 @@ Now you can adjust you config:
ls -al
```
## FAQ
### Login with an EC2 instance
See the [solution](https://github.com/appleboy/ssh-action/issues/80#issuecomment-1130407377). Open the following file
```sh
/etc/ssh/sshd_config
```
and add the following configuration
```sh
PubkeyAuthentication yes
PubkeyAcceptedKeyTypes=+ssh-rsa
```
restart the ssh server finally.
## Contributing
We would love for you to contribute to `appleboy/ssh-action`, pull requests are welcome!