The SSH agent is reporting that a key it’s being asked to use has a different signature type than what the server expects, causing the connection to fail.
This usually means one of two things: either the key itself has been modified (unlikely but possible), or more commonly, the SSH agent is configured to present keys in a way the server doesn’t understand, or the server has a policy that disallows certain signature types.
Here’s a breakdown of common causes and how to fix them:
-
Outdated SSH Agent or Client: Older versions of
ssh-agentor thesshclient might not support newer signature algorithms (likeed25519) or might be presenting them in a way that’s incompatible with a newer server.- Diagnosis: Check your
sshandssh-agentversions. On most Linux/macOS systems, this isssh -V. - Fix: Update your OpenSSH client and agent. For example, on Ubuntu:
After updating, restart your SSH agent if it’s running in the background (often by logging out and back in, or killing thesudo apt update sudo apt upgrade openssh-client openssh-serverssh-agentprocess and lettingsshrestart it). - Why it works: Newer versions of OpenSSH have better support for modern cryptographic algorithms and may negotiate them more gracefully.
- Diagnosis: Check your
-
Server-Side Signature Restriction: The SSH server might be configured to explicitly disallow certain signature types that your agent is trying to use. This is often done for security hardening.
- Diagnosis: Examine the SSH server configuration file, typically
/etc/ssh/sshd_config, for directives likePubkeyAcceptedKeyTypesorHostKeyAlgorithms. - Fix: If you have administrative access to the server, you can modify
/etc/ssh/sshd_configto include the signature type your agent is trying to use. For example, if youred25519key is rejected, you might addssh-ed25519toPubkeyAcceptedKeyTypes. A restart of thesshdservice is required:
Caution: Modifying server-side security settings should be done with care. Ensure you understand the implications of accepting new key types.sudo systemctl restart sshd - Why it works: This explicitly tells the server to accept the signature type that was previously being rejected.
- Diagnosis: Examine the SSH server configuration file, typically
-
Agent Forwarding with Specific Key Types: When using agent forwarding (
ssh -A), the agent on your local machine presents keys to the remote server. If your local agent is configured to offer keys in a specific, potentially less common, order or format, and the remote server has strict policies, this can cause issues.- Diagnosis: Check your local
ssh-agent’s behavior. You can often see which keys it’s offering withssh-add -l. Also, check your client-side~/.ssh/configforIdentityAgentorIdentitiesOnlysettings. - Fix: You can explicitly tell your
sshclient which keys to use and in what order, or disable agent forwarding for specific hosts if it’s causing trouble. In your~/.ssh/configfile, you might specify:
Alternatively, you can try to ensure your agent offers common keys first by adding them in a specific order:Host problematic_server HostName server.example.com IdentityFile ~/.ssh/id_rsa # Or your preferred key ForwardAgent nossh-add ~/.ssh/id_rsa ssh-add ~/.ssh/id_ed25519 - Why it works: By controlling which keys are offered or disabling forwarding, you bypass the problematic negotiation that occurs when the agent tries to present a key type the server rejects.
- Diagnosis: Check your local
-
Corrupted or Modified SSH Key: While rare, it’s possible the private key file itself has been altered, leading to a change in its signature.
- Diagnosis: Compare the output of
ssh-keygen -lf ~/.ssh/your_private_keywith the public key (.pubfile) on the server. They should match. Also, check file permissions and ownership. - Fix: If the key is corrupted, you’ll need to regenerate it and re-add the public key to the
authorized_keysfile on the server.
Then, update yourssh-keygen -t rsa -b 4096 -f ~/.ssh/new_key ssh-copy-id user@server.example.com -i ~/.ssh/new_key.pub~/.ssh/configto usenew_key. - Why it works: A fresh, uncorrupted key will have a valid signature that the server can verify.
- Diagnosis: Compare the output of
-
Mismatch in Key Format (e.g., PEM vs. OpenSSH): Sometimes, keys are converted between formats (e.g., from PuTTY’s
.ppkto OpenSSH’sid_rsa). If this conversion is incomplete or uses an older method, the signature encoding might be off.- Diagnosis: Check the
ssh-keygen -l -f ~/.ssh/your_private_keyoutput. It should clearly show the key type (e.g., RSA, ED25519). If it looks garbled or shows an unexpected type, the format might be wrong. - Fix: Re-import or re-convert the key using the latest
ssh-keygenor the appropriate tool for your key’s origin. For example, to convert a PEM file:
Then add the new key to your agent:ssh-keygen -f ~/.ssh/old_format_key -N "" -C "my comment"ssh-add ~/.ssh/old_format_key - Why it works: Ensures the key is in a standard, recognized format that the SSH protocol expects and the agent can correctly process.
- Diagnosis: Check the
-
SSH Agent Configuration (
ssh-addoptions): Thessh-addcommand itself can take options that affect how keys are presented.- Diagnosis: Review any custom scripts or commands used to add keys to the agent. Look for flags like
-s(PKCS#11) or specific identity file paths that might be overriding default behavior. - Fix: Try adding keys without any special options first:
If you encounter the error, try explicitly specifying the key type your server expects, if known, or a more common one. For example, ifssh-add ~/.ssh/id_rsa ssh-add ~/.ssh/id_ed25519ed25519is failing, tryssh-add -s pkcs11or ensure your~/.ssh/configis pointing to a standardid_rsaif that’s what the server is configured for. - Why it works: Removes any potentially problematic custom options that might be causing the agent to present keys in an incompatible format.
- Diagnosis: Review any custom scripts or commands used to add keys to the agent. Look for flags like
After resolving the signature type mismatch, you might encounter a Permissions 0644 for '~/.ssh/authorized_keys' are too open. error if the server’s sshd_config has strict StrictModes enabled and the authorized_keys file permissions are not set correctly (they should typically be 600 or 644 depending on the server setup, but 600 is safest for authorized_keys).