[BUG] Are 4096 bit RSA keys supported?

[cornsmut]

Is there an existing issue for this?

• I have searched the existing issues

Current Behavior

Hi all,

Im having an issue with 4096 bit RSA keys. It seems when I try to import my pub key both in volume/file and in docker compose yaml, openssh server will ignore that it exists. Shorter keys and when the 4096 rsa key is shortened both will import just fine.

Expected Behavior

No response

Steps To Reproduce

1. Import 4096 key to PUBLIC_KEY or in a file defined in PUBLIC_KEY_DIR
2. Run container
3. Key not recognized
4. Shorten to smaller key length
5. Run container
6. Key Recognized

Environment

CPU architecture

x86-64

Docker creation

opensshd:
    image: lscr.io/linuxserver/openssh-server:latest
    network_mode: 'service:newt'
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
      - PUBLIC_KEY="4096-KEY-HERE"
      - SUDO_ACCESS=true #optional
      - PASSWORD_ACCESS=false #optional
      - USER_NAME=c2-link #optional
    volumes:
      - ./opensshd-config:/config
        #ports:
        #- 2222:2222
    restart: unless-stopped

Container logs

opensshd-1  | ───────────────────────────────────────
opensshd-1  | 
opensshd-1  |       ██╗     ███████╗██╗ ██████╗
opensshd-1  |       ██║     ██╔════╝██║██╔═══██╗
opensshd-1  |       ██║     ███████╗██║██║   ██║
opensshd-1  |       ██║     ╚════██║██║██║   ██║
opensshd-1  |       ███████╗███████║██║╚██████╔╝
opensshd-1  |       ╚══════╝╚══════╝╚═╝ ╚═════╝
opensshd-1  | 
opensshd-1  |    Brought to you by linuxserver.io
opensshd-1  | ───────────────────────────────────────
opensshd-1  | 
opensshd-1  | To support LSIO projects visit:
opensshd-1  | https://www.linuxserver.io/donate/
opensshd-1  | 
opensshd-1  | ───────────────────────────────────────
opensshd-1  | GID/UID
opensshd-1  | ───────────────────────────────────────
opensshd-1  | 
opensshd-1  | User UID:    1000
opensshd-1  | User GID:    1000
opensshd-1  | ───────────────────────────────────────
opensshd-1  | Linuxserver.io version: 10.0_p1-r7-ls202
opensshd-1  | Build-date: 2025-08-10T18:55:13+00:00
opensshd-1  | ───────────────────────────────────────
opensshd-1  |     
opensshd-1  | User name is set to link
opensshd-1  | sudo is enabled without password.
opensshd-1  | SSH host public key(s):
opensshd-1  | ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKqjF+vJtlNog+7tG3pVSgBLZPuR87QqKaifmzrU/vxXhTVjDIHqt0k0NVyy7CJB/Ds1IWu4s9oT2YN1Xun09sw= root@98c9a2520cd2
opensshd-1  | ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJdVUWgDdiaw2XL4EjUFwpGO3FpkTLVi7osRvF+XKSKz root@98c9a2520cd2
opensshd-1  | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4ymt6gOG+G0SoOlEBcoRe6ZIh6jHAe5tmevOJ4rIkif0eiExrRDqUAv4d+CXAv2ty6ipWkN+r3EfEE2PseR9EIyVCvvZB3O1iMQzdexZbYTMyjyAdAcosJLr0QdXmMGvFBcRQODUyGRARnrSX97LUVRHAD+pS6Na3fXO0KPtUC+4gw4nh9irU1VtLRf+hNgDaAUQwYEXtJcMdEa6euf8djbhjTB3LAPFUoY2qWGD3+RonQIlo2UwEer7oTKOjETAHdc4Jmzt5y/Zr6A5vhfSaKwyg53/l9gCMmwW0li+CgK2xzNT3l9gqFyMFZvjB1lnPU05AKRokCgDJXhUV7uQaf9b/5r7D5A7AR7UrGU1C5tg/0C9WZMumxtMA6pE0jS+dT9Dp02nqv+4n8iCyy2oe3Z2d7wf82193hpF8JZbWi+BgIYDpD+PoScVNF+16YzyCuktEXH6YDrCgsxSdWEjpyKb3XheSSEQOrl8DxGlrXBRqlKZaF/oG7OoVyU33aI8= root@98c9a2520cd2
opensshd-1  | sshd is listening on port 2222
opensshd-1  | User/password ssh access is disabled.
opensshd-1  | [custom-init] No custom files found, skipping...
opensshd-1  | [ls.io-init] done.

[github-actions]

Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.

[cornsmut]

Here are the logs when I shorten my key

opensshd-1  | User name is set to c2-link
opensshd-1  | User name is set to c2-link
opensshd-1  | sudo is enabled without password.
opensshd-1  | sudo is enabled without password.
opensshd-1  | SSH host public key(s):
opensshd-1  | SSH host public key(s):
opensshd-1  | ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKqjF+vJtlNog+7tG3pVSgBLZPuR87QqKaifmzrU/vxXhTVjDIHqt0k0NVyy7CJB/Ds1IWu4s9oT2YN1Xun09sw= root@98c9a2520cd2
opensshd-1  | ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJdVUWgDdiaw2XL4EjUFwpGO3FpkTLVi7osRvF+XKSKz root@98c9a2520cd2
opensshd-1  | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4ymt6gOG+G0SoOlEBcoRe6ZIh6jHAe5tmevOJ4rIkif0eiExrRDqUAv4d+CXAv2ty6ipWkN+r3EfEE2PseR9EIyVCvvZB3O1iMQzdexZbYTMyjyAdAcosJLr0QdXmMGvFBcRQODUyGRARnrSX97LUVRHAD+pS6Na3fXO0KPtUC+4gw4nh9irU1VtLRf+hNgDaAUQwYEXtJcMdEa6euf8djbhjTB3LAPFUoY2qWGD3+RonQIlo2UwEer7oTKOjETAHdc4Jmzt5y/Zr6A5vhfSaKwyg53/l9gCMmwW0li+CgK2xzNT3l9gqFyMFZvjB1lnPU05AKRokCgDJXhUV7uQaf9b/5r7D5A7AR7UrGU1C5tg/0C9WZMumxtMA6pE0jS+dT9Dp02nqv+4n8iCyy2oe3Z2d7wf82193hpF8JZbWi+BgIYDpD+PoScVNF+16YzyCuktEXH6YDrCgsxSdWEjpyKb3XheSSEQOrl8DxGlrXBRqlKZaF/oG7OoVyU33aI8= root@98c9a2520cd2
opensshd-1  | ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKqjF+vJtlNog+7tG3pVSgBLZPuR87QqKaifmzrU/vxXhTVjDIHqt0k0NVyy7CJB/Ds1IWu4s9oT2YN1Xun09sw= root@98c9a2520cd2
opensshd-1  | ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJdVUWgDdiaw2XL4EjUFwpGO3FpkTLVi7osRvF+XKSKz root@98c9a2520cd2
opensshd-1  | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4ymt6gOG+G0SoOlEBcoRe6ZIh6jHAe5tmevOJ4rIkif0eiExrRDqUAv4d+CXAv2ty6ipWkN+r3EfEE2PseR9EIyVCvvZB3O1iMQzdexZbYTMyjyAdAcosJLr0QdXmMGvFBcRQODUyGRARnrSX97LUVRHAD+pS6Na3fXO0KPtUC+4gw4nh9irU1VtLRf+hNgDaAUQwYEXtJcMdEa6euf8djbhjTB3LAPFUoY2qWGD3+RonQIlo2UwEer7oTKOjETAHdc4Jmzt5y/Zr6A5vhfSaKwyg53/l9gCMmwW0li+CgK2xzNT3l9gqFyMFZvjB1lnPU05AKRokCgDJXhUV7uQaf9b/5r7D5A7AR7UrGU1C5tg/0C9WZMumxtMA6pE0jS+dT9Dp02nqv+4n8iCyy2oe3Z2d7wf82193hpF8JZbWi+BgIYDpD+PoScVNF+16YzyCuktEXH6YDrCgsxSdWEjpyKb3XheSSEQOrl8DxGlrXBRqlKZaF/oG7OoVyU33aI8= root@98c9a2520cd2
opensshd-1  | sshd is listening on port 2222
opensshd-1  | sshd is listening on port 2222
opensshd-1  | User/password ssh access is disabled.
opensshd-1  | User/password ssh access is disabled.
opensshd-1  | Public key from env variable added
opensshd-1  | Public key from env variable added
opensshd-1  | [custom-init] No custom files found, skipping...
opensshd-1  | [custom-init] No custom files found, skipping...
opensshd-1  | [ls.io-init] done.
opensshd-1  | [ls.io-init] done.

[aptalca]

https://docs.linuxserver.io/general/docker-compose/#quoting-variables

[cornsmut]

It was not this but a different embarrassing docker goof. Thanks!