Gitian: Debian host needs non-dss ssh key
I'm trying to build Tor Browser on a Debian stretch host. It prompts for an SSH password at on-target in make-vms.sh here:
stop-target $bits $dist start-target $bits $dist-$arch & for i in 1 2 3 do sleep 2 on-target /bin/true && break done
Debugging on-target using a verbose SSH connection, I see that the problem is the format of the key:
debug1: Skipping ssh-dss key ./var/id_dsa - not in PubkeyAcceptedKeyTypes debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password debug1: Next authentication method: publickey debug1: Next authentication method: password debian@localhost's password:
I'm guessing it's because of the disabling of ssh-dss keys: http://www.openssh.com/legacy.html.
I worked around it by changing the key type to ecdsa in make-base-vm:
- ssh-keygen -t dsa -f var/id_dsa -N "" + ssh-keygen -t ecdsa -f var/id_dsa -N ""