[Cialug] SSH says: Permission denied (publickey).

Matt Stanton matt at itwannabe.com
Sat Nov 10 18:32:32 UTC 2018


It seems that cloud services that allow you to choose one or more stored public keys to automatically install to your VPS also generally assume that you aren't going to use password authentication.  I've never used AWS, but Digital Ocean definitely forgoes setting a root password when you specify one or more public keys, and it sets SSH up to disallow password authentication if I'm not mistaken.

The last time I didn't choose to install any public keys, DO emailed a randomized root password to me, and password authentixation was enabled.

-- Matt (N0BOX)

Sent from my android device.

-----Original Message-----
From: David Champion <dchamp1337 at gmail.com>
To: Central Iowa Linux Users Group <cialug at cialug.org>
Sent: Fri, 09 Nov 2018 17:07
Subject: Re: [Cialug] SSH says: Permission denied (publickey).

Glad that helped. Using ssh -v will save your bacon when you're
troubleshooting problems.

-dc


On Fri, Nov 9, 2018 at 3:55 PM Todd Walton <tdwalton at gmail.com> wrote:

> On Wed, Nov 7, 2018 at 10:17 AM David Champion <dchamp1337 at gmail.com>
> wrote:
> >
> > Try doing "ssh -v me at newhost", compare that to "ssh -v me at oldhost" and
> see
> > what it's doing differently.
>
> Doing that, I see everything the same up until this point:
>
>      debug1: Authentications that can continue: publickey,password
>
> That's what it says for the old server. For the new server it says:
>
>      debug1: Authentications that can continue: publickey
>
> So... that would be a problem. And indeed, PasswordAuthentication was
> set to no. I swear I checked that three times!
>
> > On Wed, Nov 7, 2018 at 9:10 AM Scott Yates <Scott at yatesframe.com> wrote:
> >
> > > I thought you needed your public key stored in the ~/.ssh folder in
> order
> > > to use private key authentication.
>
> You do. It goes in the authorized_keys file. When I did ssh-copy-id it
> stored the key and then I was able to log in using my private key. But
> the problem is that people should be able to get onto this server
> using a password.
>
> --
> Todd
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>
_______________________________________________
Cialug mailing list
Cialug at cialug.org
http://cialug.org/mailman/listinfo/cialug


More information about the Cialug mailing list