Ubuntu – ssh no longer allows public key authentication

authenticationssh

My machine recently stopped accepting incoming public key authentication. I have an ubuntu 11.04 desktop that I ssh into from a windows machine. I use putty with pageant. I am able to connect but only with interactive password authentication, not with my rsa key that I have setup.

I have already verified that the key is listed in ~/.ssh/authorized_keys. How do I fix this and what do I check?

Best Answer

If public key authentication doesn't work: make sure that on the server side, your home directory (~), the ~/.ssh directory, and the ~/.ssh/authorized_keys file, are all writable only by their owner. In particular, none of them must be writable by the group (even if the user is alone in the group). chmod 755 or chmod 700 is ok, chmod 770 is not.

What to check when something is wrong:

Run ssh -vvv to see a lot of debugging output. If you post a question asking why you can't connect with ssh, include this output (you may want to anonymize host and user names).
If you can, check the server logs in /var/log/auth.log.
If public key authentication isn't working, check the permissions again, especially the group bit (see above).

Related Solutions

Ubuntu – SSH Public Key – No supported authentication methods available (server sent public key)

Problem solved:

Looks like there was a problem with my public key file. PuttyGen will create a public key file that looks like:

---- BEGIN SSH2 PUBLIC KEY ----
Comment: "rsa-key-20121022"
AAAAB3NzaC1yc2EAAAABJQAAAIEAhGF6GIuMY8FJ1+CNApnSY1N2YSlkYz72Yvwu
a6N1nFpBklz1+dsIMg4rcTLcF34M/tW5Yz+NUDAw2AEbxQ32FPgw7sAOIXktkYOH
tr7mmimiTjkoSCrJh1kqalPSpi8rglT/Bp67Ql2SZwvUFfMzHISryR0EZC4rXP/u
vObrJe8=
---- END SSH2 PUBLIC KEY ----

However, this will not work, so what you need to do is to open the key in PuttyGen, and then copy it from there (this results in the key being in the right format and in 1 line):

ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAhGF6GIuMY8FJ1+CNApnSY1N2YSlkYz72Yvwua6N1nFpBklz1+dsIMg4rcTLcF34M/tW5Yz+NUDAw2AEbxQ32FPgw7sAOIXktkYOHtr7mmimiTjkoSCrJh1kqalPSpi8rglT/Bp67Ql2SZwvUFfMzHISryR0EZC4rXP/uvObrJe8= rsa-key-20121022

Paste this into authorized_keys then it should work.

Ubuntu – Trying to do ssh authentication with key files: server refused our key

Ok, it is fixed however I don't see how this is different from what I tried already.

What I did:

generate a key pair with puttygen.exe (length: 1024 bits)
load the private key in the PuTTY profile
enter the public key in ~/.ssh/authorized_keys in one line (ssh-rsa {your_public_key} with no more than once space between ssh-rsa and your key)
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
chown $USER:$USER ~/.ssh -R
change /etc/ssh/sshd_config so it contains AuthorizedKeysFile %h/.ssh/authorized_keys
sudo service ssh restart

For troubleshooting do # tail -f /var/log/auth.log.

Thanks for your help!

Best Answer

Related Solutions

Ubuntu – SSH Public Key – No supported authentication methods available (server sent public key)

Ubuntu – Trying to do ssh authentication with key files: server refused our key

Related Question