Oracle-Linux 9 and Vagrant's insecure key (ssh-rsa) #71
Description
When using Vagrant 2.3.0 with oraclelinux/9 (virtualbox, 9.0.367) vagrant up fails with a timeout after
... default: SSH username: vagrant default: SSH auth method: private key default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... ... On server side /var/log/secure shows
Aug 27 21:30:17 localhost sshd[1739]: userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth] Aug 27 21:30:17 localhost sshd[1739]: Connection closed by authenticating user vagrant 10.0.2.2 port 35552 [preauth] from OpenSSH_8.7p1, OpenSSL 3.0.1 14 Dec 2021
I would suggest this patch.
diff --git a/oracle-linux-image-tools/cloud/vagrant-virtualbox/files/vagrant-common.sh b/oracle-linux-image-tools/cloud/vagrant-virtualbox/files/vagrant-common.sh index 9d4312c..dd2562e 100755 --- a/oracle-linux-image-tools/cloud/vagrant-virtualbox/files/vagrant-common.sh +++ b/oracle-linux-image-tools/cloud/vagrant-virtualbox/files/vagrant-common.sh @@ -44,6 +44,11 @@ vagrant::config() EOF fi + # set crypto-policies to legacy, because vagrant's insecure key is of type ssh-rsa + if [[ "${ORACLE_RELEASE}" = "9" ]]; then + /bin/update-crypto-policies --set LEGACY + fi + cat >>/etc/sysconfig/sshd <<EOF # Decrease connection time by preventing reverse DNS lookups