Greetings Community,
Today I found a solution to a Problem that has occurred since 21 August 2026.
Problem:
Remote Log Server process stop transferring logs to an external log server.
Troubleshooting:
- Ran logarchiver.plx -d15 -t . Requires password.
- Generated new keys and placed them in the authorized_hosts and known_hosts files on the remote server.
- Ran logarchiver.plx -d15 -t . Requires password.
- Ran /usr/sbin/logrotate -v /etc/logrotate.conf. Requires password for every file that will be transferred.
- Tried scp and ssh from UTM9 to remote server, worked without a password.
- Checked the authorized_hosts and known_hosts. Both only had rsa key.
- Added dsa key to remote server authorized_hosts and known_hosts.
- Ran logarchiver.plx -d15 -t . Requires password.
- Checked the community couldn't find anyone with a similar problem.
- Checked the internet for OpenSSH, solution found.
Solution
According to the information on the internet in regards to OpenSSH
- dsa type is disabled as default
- The sshd_config file need to have an entry to allow dsa key type usage
- Added PubkeyAcceptedKeyTypes=+ssh-ds to the sshd_config file
- Tested using /usr/sbin/sshd -p 22 -d -f /etc/config/ssh/sshd_config on the server and ssh -vvv -i .ssh/id_dsa admin@192.168.1.14 on the UTM9
- Test was successful, a password was not required and the connection was made.
It would be nice if this information was published somewhere on the Sophos website or in the support forum.
Also, why does the Sophos require the dsa key instead of the rsa key for the Remote Log Server transfer? According to the information on OpenSSH, dsa will eventually be discontinued in the future and is currently disabled since version 7 (Sophos 9.407-3 is currently using OpenSSH 6.2p2)
I hope this information is useful for others in the community.
This thread was automatically locked due to age.