10

I've set up ubuntu server on an old desktop and was able to log in with password no problem. I then set up ssh keys and disallowed logging in with passwords. I now have this weird issue where I get a public key denied error when trying to ssh remotely UNLESS I connect a monitor to the old desktop and log in to the server locally, then log in to the server remotely using the keys - this works.

I've checked the permissions for both the .ssh files/folders on both machines and they're fine: 755 for home directories, 700 for .ssh, 644 for id_rsa.pub, and 600 for id_rsa and authorized_keys.

Any idea what's going on here?

Improve this question
6
  • What do you mean by "ssh locally"? Should that be "remotely"?
    – terdon
    Commented Mar 14, 2015 at 17:42
  • @terdon yes, sorry. I try ssh'ing remotely and it fails unless I connect a monitor to the server and login with a password locally. Then I'm able to ssh remotely.
    – user3442536
    Commented Mar 14, 2015 at 17:45
  • OK, please edit and tell us i) exactly how you set up passwordless access ii) explain exactly how you disabled password access. You might also want to show us the relevant ~/.ssh/config and /etc/ssh/sshd_config files.
    – terdon
    Commented Mar 14, 2015 at 17:56
  • 4
    Are you using encrypted home directory on the server?
    – Michał Politowski
    Commented Mar 14, 2015 at 21:30
  • That was it. Thanks for your help. help.ubuntu.com/community/SSH/OpenSSH/Keys#Troubleshooting for anyone who faces similar issues.
    – user3442536
    Commented Mar 14, 2015 at 21:47

2 Answers 2

Reset to default
7

The answer was as Michal Politowski said in the comments. Encrypted home directory contained the .ssh folder, so it wasn't accessible to ssh command until I logged on locally and decrypted the folder. Solution was to create /home/ssh/%user%/ and place the authorized_keys file there, then direct ssh to look there via sshd_config. See comments for link to useful web page.

Improve this answer
2
  • 1
    It would be a good idea to add the link from the comment to the answer, I think. And probably also the actual configuration steps, so the answer is self-contained.
    – Michał Politowski
    Commented Mar 17, 2015 at 11:15
  • 1
    My home directory is not encrypted and I still have this problem of not being able to login remotely unless logged in locally.
    – JohnAllen
    Commented Aug 7, 2016 at 21:32
5

It's the network adapter. It's configured to only be available to YOUR user.

You must set the network adapter to be available to other/all users. In GNOME, this is done in the network adapter settings as a checkbox "Make available to other users".

Without this, your user will need to login locally first before the network adapter starts listening for standard services like SSH.

Improve this answer
1
  • This was giving me a huge headache. "Make available to other users" sounded like it was sharing my wifi so I had disabled it.
    – Iogictable
    Commented Sep 29, 2023 at 20:38

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .