Community discussions

MikroTik App
 
davidon
just joined
Topic Author
Posts: 13
Joined: Wed Sep 28, 2022 10:03 pm

Passwordless SSH doesn't work

Sat Jan 14, 2023 7:36 pm

Hello all,

I was trying to make a passwordless SSH connection to my Mikrotik router (RouterOS 6.49).

There already were some threads about it, like this:
viewtopic.php?f=2&t=38821

And there is a documentation about SSH in Mikrotik:
https://help.mikrotik.com/docs/display/ ... -SSHServer

But for some reason it doesn't work for me.

The steps which I did are as follows:

1. At the first time that I connected to the Mikrotik device, I imported its public key by entering "yes" to the prompt which followed the command:
$ ssh "$host"
While $host is the IP address of the Mikrotik router.

2. I created a public and private key pair with the command:
$ ssh-keygen -t rsa
Which created two files in working directory - let's call them:
"abc" - the private key.
"abc.pub" - the public key.

I uploaded "abc.pub" to the Mikrotik router via HTTP interface.
Then, I associated that public key to my user (assume that my username is "admin"):
/user ssh-keys import public-key-file=abc.pub user=admin
I can see in webfig that this new public key is truly associated with my user, so it works.

But when I try to do SSH connection from my PC to the Mikrotik device, then it still asks me for a password:
ssh -i "/path/to/private/key/abc" "$host"

Note the configuration:
[admin@Mikrotik] > /ip ssh print 
always-allow-password-login: no

I don't understand why it doesn't work.
Has anyone encountered this issue?
 
davidon
just joined
Topic Author
Posts: 13
Joined: Wed Sep 28, 2022 10:03 pm

Re: Passwordless SSH doesn't work  [SOLVED]

Sat Jan 14, 2023 8:15 pm

Found solution:

From thread:
viewtopic.php?t=185635

So I needed to add the following to the command line:
-o "PubkeyAcceptedAlgorithms=ssh-rsa"
Overall, the command line which performs the SSH connection looks like this:
ssh -o "PubkeyAcceptedAlgorithms=ssh-rsa" -i "/path/to/private/key/abc" "$host"

Dear Mikrotik developers,
Could you please update the software to support the more advanced algorithms?

Who is online

Users browsing this forum: hatred, mtkvvv, voytecky and 38 guests