SSH over Tor Hidden Service - asks for password
Server runs Trixie.
Client runs Trixie.
Local connection, my RSA key is used, passwordless login.
Tor connection (Tor Hidden Service), I am asked for password.
Also over Tor connection, but not local: SSH proxy fails to connect.
It feels like there is a MITM attack. But could also be an SSH-over TCP issue?
All of this worked under buster. Not sure about bookworm.
Top Answer/Comment:
It doesn't sound like a MITM attack. If SSH works locally with keys but asks for a password only over the Tor hidden service, it's more likely that the key isn't being offered or accepted on the Tor connection.
Fix:
1. Update your SSH config: Add an entry for the .onion host:

    Host myserver
        HostName abcdefghijklmnop.onion
        Port 22
        User youruser
        IdentityFile ~/.ssh/id_rsa
        ProxyCommand nc -x 127.0.0.1:9050 -X 5 %h %p

2. Switch to Ed25519 keys: Generate a new key (ssh-keygen -t ed25519) and add it to ~/.ssh/authorized_keys. This avoids RSA deprecation issues.
3. Check server logs: Run journalctl -u ssh or check /var/log/auth.log to see why key auth fails.
4. Verify host key: Compare fingerprints (ssh-keygen -lf /etc/ssh/ssh_host_ed25519_key.pub) to rule out MITM.
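
The log check in step 3, as an added example that is not part of the original answer: a shell function that groups sshd log lines by process ID and reports why key authentication succeeded or was skipped for each connection. The sample lines, user name, addresses and PIDs are constructed, and the 127.0.0.1 source for the onion connection assumes the hidden service forwards to a local sshd.

```shell
#!/bin/sh
# Added example: summarise, per sshd process, how public-key auth went.
# On the server: journalctl -u ssh --no-pager | diagnose_pubkey

diagnose_pubkey() {
    awk '
    # Accept both "sshd[PID]: " and "sshd-session[PID]: " prefixes.
    match($0, /sshd[a-z-]*\[[0-9]+\]: /) {
        pid = substr($0, RSTART, RLENGTH); gsub(/[^0-9]/, "", pid)
        msg = substr($0, RSTART + RLENGTH)
        r = ""
        if (msg ~ /not in PubkeyAcceptedAlgorithms/) r = "sig-algorithm-rejected"
        else if (msg ~ /^Authentication refused: bad ownership or modes/) r = "bad-permissions"
        else if (msg ~ /^Failed publickey for /)   r = "key-not-authorized"
        else if (msg ~ /^Accepted publickey for /) r = "key-accepted"
        else if (msg ~ /^(Failed|Accepted) password for /) r = "password-fallback"
        if (r == "") next
        # Keep first-seen order of PIDs and list each reason once per PID.
        if (!(pid in why)) { order[++n] = pid; why[pid] = r }
        else if (index(why[pid], r) == 0) why[pid] = why[pid] "," r
    }
    END { for (i = 1; i <= n; i++) print order[i] ": " why[order[i]] }
    '
}

# Constructed sample lines (not from the poster's server).
# Assumption: the onion connection reaches sshd from the local Tor daemon,
# so it is logged with source 127.0.0.1 rather than the client's address.
SAMPLE_LOG='Jan 10 10:00:01 srv sshd-session[1201]: Accepted publickey for youruser from 192.168.1.20 port 50122 ssh2: RSA SHA256:CONSTRUCTED
Jan 10 10:05:07 srv sshd-session[1350]: userauth_pubkey: signature algorithm ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]
Jan 10 10:05:15 srv sshd-session[1350]: Accepted password for youruser from 127.0.0.1 port 41876 ssh2
Jan 10 10:09:30 srv sshd[1402]: Authentication refused: bad ownership or modes for directory /home/youruser/.ssh'

printf '%s\n' "$SAMPLE_LOG" | diagnose_pubkey
```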