sid で ~/.ssh/id_dsa を用いた passphrase での login ができなくなった.ssh -v で調べてみると
debug1: Skipping ssh-dss key /home/myn/.ssh/id_dsa for not in PubkeyAcceptedKeyTypes
とのこと.とのことで,~/.ssh/config に
Host *
PubkeyAcceptedKeyTypes +ssh-dss
とかを書いておけば id_dsa による共通鍵認証が利用できるようになる./usr/share/doc/openssh-client/changelog.Debian.gz によれば
openssh (1:7.1p1-1) unstable; urgency=medium
* New upstream release (http://www.openssh.com/txt/release-7.0, closes:
#785190):
- Support for the legacy SSH version 1 protocol is disabled by default
at compile time.
- Support for the 1024-bit diffie-hellman-group1-sha1 key exchange is
disabled by default at run-time. It may be re-enabled using the
instructions at http://www.openssh.com/legacy.html
- Support for ssh-dss, ssh-dss-cert-* host and user keys is disabled by
default at run-time. These may be re-enabled using the instructions
at http://www.openssh.com/legacy.html
(snip)
<pre>
<p><a href="http://www.openssh.com/legacy.html">http://www.openssh.com/legacy.html</a>によると
<pre>
OpenSSH 7.0 and greater similarly disables the ssh-dss (DSA) public key algorithm. It too is weak and we recommend against its use. It can be re-enabled using the HostkeyAlgorithms configuration option:
とのこと.どうやら鍵ペアを作りなおす時期になったらしい.確かに10年以上同じ鍵を使っている.