Topic: Public key auth no longer working after switching to TOTP for passwords
sewi « on: July 14, 2023, 08:51:21 am »
Hey there,
I've been using public keys to automatically access my OPNsense boxes. Ever since I switched the authentication to TOTP, public key over SSH no longer works (password auth with the TOTP token prepended does work).
Is that intentional / how do I incorporate the TOTP token into the SSH public key authentication?
franco (Administrator) « Reply #1 on: July 14, 2023, 11:01:52 am »
So if you turn TOTP off again the key auth still doesn't work?
Cheers,
Franco
sewi « Reply #2 on: July 15, 2023, 10:59:33 am »
You're right, there's something else amiss.
I was confused, because it always worked, the only thing I changed was the TOTP setting and installing updates, and the log by default didn't show me anything.
After changing the level to informational, I see that the PubkeyAcceptedAlgorithms default must have changed during one of the updates and as such, the login failed. =/
Thanks!
franco (Administrator) « Reply #3 on: July 15, 2023, 11:20:09 am »
Thanks for confirming. Yeah, so when OpenSSH was updated your current key algo was probably deprecated and no longer works in the default (secure) configuration.
Best course of action would be to generate new secure keys and swap out the old ones.
Cheers,
Franco
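Added example, not part of the thread or of OPNsense: a small shell audit of an authorized_keys file, in line with the advice above to swap out old keys, that flags key types which current OpenSSH defaults reject or restrict. The thread does not say which algorithm was affected; the sample key blobs and the REPLACE/CHECK/OK labels are constructed for illustration.

```shell
#!/bin/sh
# audit_authorized_keys [FILE]
# Prints "<line-number> <key-type> <verdict>" for each key entry.
# Reads standard input when no file is given.
audit_authorized_keys() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }      # skip comments and blank lines
    {
        type = ""
        # Entries may begin with options such as from="..." or command="...",
        # so take the first field that is a known key type. (An option string
        # containing a key-type name as its own word would fool this scan.)
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-nistp(256|384|521)|sk-(ssh-ed25519|ecdsa-sha2-nistp256)@openssh\.com)$/) {
                type = $i
                break
            }
        }
        if (type == "")             verdict = "UNKNOWN"
        else if (type == "ssh-dss") verdict = "REPLACE"  # DSA keys: disabled by default since OpenSSH 7.0
        else if (type == "ssh-rsa") verdict = "CHECK"    # RSA key: SHA-1 ssh-rsa signatures are off by
                                                         # default since OpenSSH 8.8; the client must
                                                         # sign with rsa-sha2-256 or rsa-sha2-512
        else                        verdict = "OK"
        print NR, (type == "" ? "-" : type), verdict
    }' "$@"
}

# Constructed sample input: placeholder blobs, not real keys.
sample_keys() {
    cat <<'EOF'
# laptop
ssh-dss AAAAB3NzaC1kc3MAAA-placeholder old@laptop
from="192.0.2.10" ssh-rsa AAAAB3NzaC1yc2EAAA-placeholder backup@host
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAA-placeholder admin@workstation
EOF
}

# Demo run on the constructed sample.
sample_keys | audit_authorized_keys
```

Run it against a real file with `audit_authorized_keys ~/.ssh/authorized_keys`; entries marked REPLACE are candidates for regeneration with `ssh-keygen -t ed25519`, and `sshd -T` on the server shows the effective PubkeyAcceptedAlgorithms list.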