Server refused public-key signature despite accepting key (Ubuntu 20.04 using WinSCP 5.21.5)

I created a new VM running Ubuntu 20.04 using the 20.04.5 ISO installer and then running apt update. I was able to connect from my Windows 10 PC using WinSCP 5.21.2 and a password.

I copied an authorized_keys file that I've been using for several years on an instance of Ubuntu 18.04.6, most recently with this version of WinSCP, into the ~/.ssh folder on the new VM and expected it would work with key authorisation (I use Pageant). Instead I got the message "Server refused public-key signature despite accepting key!". After some experimentation I found the key worked if I used PuTTY but not if I used WinSCP. I found a bug report of something similar at With WinSCP I get the error "Server refused our key", but the same key works with PuTTY, PSFTP, etc., which refers to Issue 1952 – Support rsa-sha2-256 and rsa-sha2-512 SSH public key algorithms, but it looks as if that should be fixed in version 5.21.2. I tried upgrading to the latest version anyway, 5.21.5, but there was no difference. In case it was a problem with the key being too short for the modern Ubuntu I also tried generating and using a new 2048 bit RSA key, but that also didn't work.

I then noticed the version of PuTTY I was using to connect successfully was an older version, (edit:)0.70. That inspired me to replace my WinSCP install on the PC with an older version, namely 5.19.6. It immediately started working!

I therefore have a good work-around for the moment, but would welcome suggestions for a better solution.

Can you please post WinSCP 5.21.5 and 5.19.6 logs for comparison?
Can you authenticate with the latest version of PuTTY? (btw, I suppose the 0.07 is a typo, right? Haven't you meant 0.70?)

You are correct that 0.07 was a typo, it was 0.70.
The logs I previously posted include an unsuccessful attempt using WinSCP 5.21.5 (Oct 23 10:09:24)

Here are some logs using WinSCP 5.19.6, which I installed over the top of 5.21.5 without updating any keys. The Linux server is the same except that I have installed some application software in the meantime (Zimbra 9, unlikely to affect this).

I will try with PuTTY 0.77.

I have now tried again after installing PuTTY 0.77 on the Windows machine. It works. WinSCP 5.19.6 continued to work.

I then tried re-installed WinSCP 5.21.5 on the Windows machine, and found it now works too!

I will re-install PuTTY 0.70 to see if the problem reappears.

To test, I installed PuTTY 0.70 over the top of PuTTY 0.77 and the problem re-appeared. I re-installed PuTTY 0.77 and it disappeared again. (The PuTTY installer updates several programs at once, and I guess it may well be the Pageant version that's significant)

In conclusion, it seems the problem can be solved by updating to the latest version of PuTTY as well as the latest version of WinSCP.

It's probably not worth investigating any further :-). @martin, thanks for your help.

Ok, thanks for all the investigation. It can indeed be due to an old version of Pageant somehow stuck in your system. You might had have it running while upgrading, what prevented the update until system restart.