- Newest
- Most votes
- Most comments
- To fix it, add following 2 lines to /etc/ssh/sshd_config
TrustedUserCAKeys /etc/ssh/lightsail_instance_ca.pub
CASignatureAlgorithms +ssh-rsa
- Restart
/etc/init.d/ssh restart
Problem
Log in failed. If this instance has just started up, try again in a minute or two.
CLIENT_UNAUTHORIZED [769]
My
/etc/ssh/sshd_config
file was missing "CASignatureAlgorithms +ssh-rsa". Adding it fixed the connection problem.
I too was facing this issue and found the exact steps to fix it (comparing a lightsail instanced that was working)
This is without opening the other settings
Step 1) Download the default key
Step 2) Connect using a terminal app with that key
Step 3) sudo nano /etc/ssh/sshd_config
Step 4) Add Include /etc/ssh/sshd_config.d/*.conf
I put it around line 10 - there is a gap there between a bunch of commented items
Step 5) At the very bottom you should see TrustedUserCAKeys /etc/ssh/lightsail_instance_ca.pub
Add CASignatureAlgorithms +ssh-rsa on the next line
Step 6) Ctrl + X to save and exit
Step 7) sudo service ssh restart
The web terminal should now work
Hello,
I have lost my default key and my browser-based SSH also not working. What can I do in this case?
Was this LightsailDefaultKeyPair ? If yes, that can be downloaded again from Lightsail.
If not, you could create a snapshot the instance and a new instance from that snapshot. During this creation picking a different keypair will allow you to get access to this new instance and recover your data.
One possible reason for this error is the system clock on your instance being out of sync with reality. If that's the case, https://forums.aws.amazon.com/thread.jspa?messageID=812946 is a similar issue.
If you can login into your instance using PuTTY, please try checking the system clock. If it drifted too much, Lightsail in-browser SSH will not be able to connect.
If this keeps happening, please consider setting up https://en.wikipedia.org/wiki/Ntpd on your instances.
Over a year later, I know. I am having the same error, on a brand new Lightsail instance. The timezone, date, and time are set to mine, which is the same as the instance region. I am also running chrony to keep time in synchronisation.
I had the same issue after I upgraded Ubuntu from 18.04 to 20.04.
I believe this is due to recent changes on ssh that stopped supporting RSA/SHA1 CA algorithm.
Although there is a risk, you can allow it explicitly for now. Maybe it's better to upload another public key.
This solved it for me too, after an upgrade from Ubuntu 18 to Ubuntu 20. Thanks!
Edited by: RigaDorje on Apr 7, 2021 11:26 AM
Relevant content
- asked 4 months ago
- asked 3 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a month ago
In my case is because I updated ssh, to solved it I created a new instance from snapshot.