So the issue is that I can login to my server just fine using:
ssh root@SERVER_IP_ADRESS
But when I try to login with a user I created from root:
ssh USERNAME@SERVER_IP_ADRESS
I get:
Permission denied (publickey).
The steps I went through before this.
At this point I switch into my newly created user and can see that it’s created and that the user has been added to sudo group with:
id -Gn
it displays “user_name sudo”
I’ve verified that the public key is in ~/.ssh/authorized_keys of both my root and user directory.
I’ll “exit exit” out of user and server. And attempt to ssh with user to no success.
Even attempting:
ssh -i PRIVATE_KEY USER_NAME@SERVER_IP_ADDRESS
results in the same “Permission denied (publickey).”
I tried to use the ssh -v command to see what may be different between root and user.
ssh -i PRIVATE_KEY USER_NAME@SERVER_IP_ADDRESS -v
OpenSSH_6.9p1, LibreSSL 2.1.8
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to 165.227.83.215 [165.227.83.215] port 22.
debug1: Connection established.
debug1: identity file test-key-fem type 1
debug1: key_load_public: No such file or directory
debug1: identity file test-key-fem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.9
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 Ubuntu-4ubuntu2.4
debug1: match: OpenSSH_7.2p2 Ubuntu-4ubuntu2.4 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 165.227.83.215:22 as 'kevin'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client chacha20-poly1305@openssh.com <implicit> none
debug1: kex: client->server chacha20-poly1305@openssh.com <implicit> none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:HSPEtljdgqP4d9ZmZKSYGW9iyBfhclnWAKrbnYQam9Y
debug1: Host '165.227.83.215' is known and matches the ECDSA host key.
debug1: Found key in /Users/klufkin/.ssh/known_hosts:9
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: test-key-fem
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
ssh -i PRIVATE_KEY ROOT@SERVER_IP_ADDRESS -v
OpenSSH_6.9p1, LibreSSL 2.1.8
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to 165.227.83.215 [165.227.83.215] port 22.
debug1: Connection established.
debug1: identity file test-key-fem type 1
debug1: key_load_public: No such file or directory
debug1: identity file test-key-fem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.9
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 Ubuntu-4ubuntu2.4
debug1: match: OpenSSH_7.2p2 Ubuntu-4ubuntu2.4 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 165.227.83.215:22 as 'root'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client chacha20-poly1305@openssh.com <implicit> none
debug1: kex: client->server chacha20-poly1305@openssh.com <implicit> none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:HSPEtljdgqP4d9ZmZKSYGW9iyBfhclnWAKrbnYQam9Y
debug1: Host '165.227.83.215' is known and matches the ECDSA host key.
debug1: Found key in /Users/klufkin/.ssh/known_hosts:9
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: test-key-fem
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Authentication succeeded (publickey).
Authenticated to 165.227.83.215 ([165.227.83.215]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
Welcome to Ubuntu 16.04.4 LTS (GNU/Linux 4.4.0-119-generic x86_64)
The main difference I see is that when I ssh with root user I’m getting this line:
debug1: Server accepts key: pkalg ssh-rsa blen 279
I’m running this all on my Mac OSX. And have no config file in my /.ssh directory on my computer.
Please let me know if there is something I am missing or if you need more information to help me. This is all fairly new to me so it’s not super clear as to how to triage this issue.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
So I found a working answer to my problem. Based off of this thread
If I want to add a user with whom I wish to SSH login with I can run these set of commands:
after running these commands I can login using:
Thank you @ryanpq and @fishy for pointing me in the right direction! Ended up having to level up my knowledge of file permissions.
Try:
It sounds like you covered the required steps. When you copied your public key to the authorized_keys file on the server did you ensure that it is still owned by the new user and not root? If it is owned by root, permissions may not allow it to be used for a normal user to log in.