Since Teleport doesn’t work with openssh v6.6 (look Teleport compatibility with OpenSSH v6) I built and installed a package with openssh v7.9.
This configuration works, but when I connect, I see the message:
agent key RSA-CERT SHA256:BfFp6VxoxN305UzfXfDpji84Y0gmCZe2zvknkquSJOY returned incorrect signature type
part of debug with -vvv
flag:
debug1: Offering public key: teleport:vagrant RSA-CERT SHA256:BfFp6VxoxN305UzfXfDpji84Y0gmCZe2zvknkquSJOY agent
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 60
debug1: Server accepts key: teleport:vagrant RSA-CERT SHA256:BfFp6VxoxN305UzfXfDpji84Y0gmCZe2zvknkquSJOY agent
debug3: sign_and_send_pubkey: RSA-CERT SHA256:BfFp6VxoxN305UzfXfDpji84Y0gmCZe2zvknkquSJOY
debug2: sign_and_send_pubkey: using private key "teleport:vagrant" from agent for certificate
debug3: sign_and_send_pubkey: signing using rsa-sha2-512-cert-v01@openssh.com
agent key RSA-CERT SHA256:BfFp6VxoxN305UzfXfDpji84Y0gmCZe2zvknkquSJOY returned incorrect signature type
debug3: sign_and_send_pubkey: signing using ssh-rsa-cert-v01@openssh.com
is it possible to use rsa-sha2-512-cert-v01@openssh.com
instead of ssh-rsa-cert-v01@openssh.com
?
Teleport version:
vagrant@u100:~$ tctl version
Teleport v4.3.5 git:v4.3.5-0-g122349e78 go1.13.2
I specified ca_signature_algo
in the config file:
ca_signature_algo: "rsa-sha2-512"
but it didn’t help