Oracle-Linux 9 and Vagrant's insecure key (ssh-rsa) #71

@copyrights

When using Vagrant 2.3.0 with oraclelinux/9 (virtualbox, 9.0.367), vagrant up fails with a timeout after:

...
    default: SSH username: vagrant
    default: SSH auth method: private key
    default: Warning: Authentication failure. Retrying...
    default: Warning: Authentication failure. Retrying...
    default: Warning: Authentication failure. Retrying...
...

On the server side, /var/log/secure shows:

Aug 27 21:30:17 localhost sshd[1739]: userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]
Aug 27 21:30:17 localhost sshd[1739]: Connection closed by authenticating user vagrant 10.0.2.2 port 35552 [preauth]

from OpenSSH_8.7p1, OpenSSL 3.0.1 14 Dec 2021

I would suggest this patch.

diff --git a/oracle-linux-image-tools/cloud/vagrant-virtualbox/files/vagrant-common.sh b/oracle-linux-image-tools/cloud/vagrant-virtualbox/files/vagrant-common.sh
index 9d4312c..dd2562e 100755
--- a/oracle-linux-image-tools/cloud/vagrant-virtualbox/files/vagrant-common.sh
+++ b/oracle-linux-image-tools/cloud/vagrant-virtualbox/files/vagrant-common.sh
@@ -44,6 +44,11 @@ vagrant::config()
                EOF
   fi
 
+  # set crypto-policies to legacy, because vagrant's insecure key is of type ssh-rsa
+  if [[ "${ORACLE_RELEASE}" = "9" ]]; then
+    /bin/update-crypto-policies --set LEGACY
+  fi
+
   cat >>/etc/sysconfig/sshd <<EOF
 
 # Decrease connection time by preventing reverse DNS lookups
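
Review bot: The `/bin/update-crypto-policies --set LEGACY` call in the added `if` block switches the system-wide crypto policy, so every Oracle Linux 9 box built by this script is downgraded for all crypto-policies consumers, while the comment only justifies accepting ssh-rsa for Vagrant's insecure key in sshd. Consider scoping the change to sshd, for example by allowing ssh-rsa in PubkeyAcceptedAlgorithms for sshd only, rather than changing the policy for the whole image. If LEGACY stays, the comment should state that it weakens the whole image and not just SSH public-key authentication. The hunk also does not check the command's exit status, so a failed policy switch would still produce a box that times out on `vagrant up`.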

Labels: bug