0

I created a new user on my server, and generated a public (id_rsa.pub) and private key (id_rsa), which I copied to my laptop's .ssh directory. I then created a config file like so:

Host xxx.xxx.xxx
RSAAuthentication yes
IdentityFile ~/.ssh/id_rsa
User xxx

I then attempted to ssh into the server, but got the following error instead:

OpenSSH_7.4p1, LibreSSL 2.5.0
debug1: Reading configuration data /Users/xxx/.ssh/config
debug1: /Users/xxx/.ssh/config line 1: Applying options for xxx.xxx.xxx
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to xxx.xxx.xxx [xx.xxx.xx.xx] port 22.
debug1: Connection established.
debug1: identity file /Users/xxx/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/xxx/.ssh/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 Ubuntu-4ubuntu2.1
debug1: match: OpenSSH_7.2p2 Ubuntu-4ubuntu2.1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to xxx.xxx.xxx:22 as 'xxx'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: [email protected]
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:n+rA9cq8RQTcnh19HlV2/ASXuktvPF2NhZkxNmZTzBE
debug1: Host 'analytics.selfscore.com' is known and matches the ECDSA host key.
debug1: Found key in /Users/xxx/.ssh/known_hosts:1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/xxx/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).

Any ideas?

Improve this question
1
  • 1
    Just to check, did you create the public/private key on the server? That seems a bit strange.
    – David Z
    Commented Sep 19, 2017 at 15:35

1 Answer 1

Reset to default
1

Looks like you have not added your public key to your new users ~/.ssh/authorized_keys file on the remote server.

Log in normally to the server, copy your public key from your local machine then:

echo "your public key here" >> ~/.ssh/authorized_keys"

Then open a new terminal window to verify you can ssh in using the method you are already have.

If successful I would then disable password based auth altogether:

vi /etc/ssh/sshd_config

change

PasswordAuthentication yes

to 

PasswordAuthentication no

then

sudo service sshd restart

Verify this:

ssh user@domain should give you a permission denied error without even asking for a PW

Also double check all file permissions on your remote and local key dirs and files: https://superuser.com/questions/215504/permissions-on-private-key-in-ssh-folder

NOTE: the above is based on Ubuntu remote server, the premise is the same for any remote Linux box.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .