Skip to Content

signature algorithm ssh-dss not in PubkeyAcceptedAlgorithms

554  admin March 20, 2025  Common Errors & Troubleshooting

ssh jump server

How to fix "userauth_pubkey: signature algorithm ssh-dss not in PubkeyAcceptedAlgorithms"?

Overview: This article describes how to fix the "userauth_pubkey: signature algorithm ssh-dss not in PubkeyAcceptedAlgorithms" error by enabling ssh-dss in the SSH configuration and restarting the service.

Step 1: Login to the server and tail /var/log/secure to check errors. Refer below example.

root@gateway :~# tail -f /var/log/auth.log

userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth]

Step 2: Run the following command to see the key types enabled on the server.

root@gateway :~# sshd -T | grep -i key

pubkeyacceptedkeytypes [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],ssh-ed25519,[email protected],rsa-sha2-512,rsa-sha2-256,ssh-rsa

Step 3: Open /etc/ssh/sshd_config and append the below line to enable ssh-dss.

root@gateway :~# vim /etc/ssh/sshd_config

PubkeyAcceptedKeyTypes +ssh-dss

root@gateway :~# systemctl restart sshd

Step 4: Re-run the below command and confirm that ssh-dss has been enabled.

root@gateway :~# sshd -T | grep -i key

pubkeyacceptedkeytypes [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],ssh-ed25519,[email protected],rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss

Step 5: Try to modify the user now and confirm it's working fine.

How to view the list of KEX and Keys in the Linux server?

How to list keys in the Linux server?

root@gateway :~# ssh -Q key

ssh-ed25519
[email protected]
ssh-rsa
ssh-dss
ecdsa-sha2-nistp256
ecdsa-sha2-nistp384
ecdsa-sha2-nistp521
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]

How to list KEX in the Linux server?

root@gateway :~# ssh -Q kex

diffie-hellman-group1-sha1
diffie-hellman-group14-sha1
diffie-hellman-group14-sha256
diffie-hellman-group16-sha512
diffie-hellman-group18-sha512
diffie-hellman-group-exchange-sha1
diffie-hellman-group-exchange-sha256
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
curve25519-sha256
[email protected]

Inorder to change ssh-dss key to ssh-rsa, follow below article.

How to reset cluster keys in Ezeelogin?

Related articles:

userauth_pubkey: signature algorithm ssh-rsa not in PubkeyAcceptedAlgorithms
Error: User modify failed. Cannot modify user on this node: Authentication by SSH key failed!
Error: User modify failed. Cannot modify user on other node: Authentication by SSH key failed!
Rating: 5 (1 Votes)