[SOLVED] ssh killing me :( Permission denied (publickey)
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
So I have searched and searched and followed numerous howto's but appear to be a little thick on getting this one to work
It appears no matter what settings I change I cannot ssh into my laptop on the same network (for testing).
SO, here is where I have left it:
Code:
#on laptop which I am trying to connect to
ssh-keygen -t rsa # did start with dsa but both give the same issue
Enter passphrase: <done> and repeated successfully
#on other machine (Nokia N900) after installing ssh software
accept bluetooth transmission of id_rsa.pub
mkdir .ssh
mv id_rsa.pub .ssh/authorized_keys
chmod 700 .ssh
chmod 600 .ssh/authorized_keys
#back on laptop
sudo service ssh restart #restart service on Ubuntu machine
#back to N900
ssh grail@10.1.1.2
<blah blah ...>add to known_hosts:(yes/no) yes
... <time goes by>
Permission denied (publickey).
At this point I would add that prior to the above, on one of my many other attempts, I did confirm that I was able to ssh with the users password, ie grail's password
Also, I have attached my sshd_config below, but would note this has been changed as a conglomeration of all the howto's I have looked at.
Any help would be greatly appreciated as I know it will be something simple
Cheers
grail
PS. let me know if I need to provide any other details?
I had a similar problem a log time ago. After reading the source code I found it that ssh expects the ~/.ssh folder to have drwxrwxr-x permission (if I remember correctly).
This doesn't make any sense at all as you don't want people poking around in there, anyway if I was you I wold at least try setting:
Code:
sudo chmod 755 ~ # This is the default in most dist
sudo chown -R `whoami`. ~/.ssh/ # This is also default
chmod -R 775 ~/.ssh
chmod 600 ~.ssh/authorized_keys
Apply this on both server and client. If it doesn't help revert back to what you where using, your permission settings make a lot more sense.
EDIT:
As I told you this make no sense and probably isn't the soultion the correct permission for .ssh is 0700 as you have set. Anyway try it. if it doesn't work. Run sshd with debug flag and check the output:
Ah, I think the confusion is where you made the key.
On the phone do:
ssh-keygen -t rsa
Hit enter a couple of times.
The public key file will then be in "/home/user/.ssh/id_rsa.pub". You need to copy this file to the laptop somehow. It should then be copied or moved to "/home/grail/.ssh/authorized_keys"
So if I understand correctly you are saying I am ssh'ing in the wrong direction?
Problem is I am not able to go the other way either, ie from laptop to phone (which I presume is the right direction based on how I created and copied key ... yes?) I receive the same message and have setup the same sshd_config on the phone.
To make sure I will attach my attempt to connect from laptop to phone.
debug1: Next authentication method: publickey
debug1: Trying private key: /home/user/.ssh/identity
debug3: no such identity: /home/user/.ssh/identity
debug1: Trying private key: /home/user/.ssh/id_rsa
debug3: no such identity: /home/user/.ssh/id_rsa
debug1: Trying private key: /home/user/.ssh/id_dsa
debug3: no such identity: /home/user/.ssh/id_dsa
At no point in the above steps was a key generated on the Nokia and copied to .ssh/authorized_keys on the laptop. If your sshd on the laptop is set to not allow password authentication then you will need to create a key on the Nokia and transfer it to the Laptops authorized_keys
Thanks for your feedback ... this at least proves I know was understanding Guttorm that I was going the wrong way, ie I created key on laptop and transferred
to phone so I should be able to connect to phone from the laptop (just to check this is correct based on the above steps?)
I'm confused as well. But according to the first log, when you connect from the phone to the laptop, no key is found at all. When you connect from the laptop, a key is sent to the phone, but it looks like the phone rejects it.
Are these files equal?
On the laptop: /home/grail/.ssh/id_rsa.pub
On the phone: /home/user/.ssh/authorized_keys
Also, did you remember user@phone when you ssh from the laptop?
I can now go from the phone to the laptop, but still get the same message going from the laptop to the phone.
Now I realise it is unlikely I will go in this direction very often, but I figure as I have started I should get to the bottom of this.
In some of the howto's I looked at it mentioned to run ssh-add once connection was able to be made, but when tried on the phone, even though I cannot currently connect, it gives the following error (not sure if related but putting up the things I have tried)
Code:
ssh-add
Could not open a connection to your authentication agent.
#this caused me to run
ps auwx | grep ssh-agent
#to which there is no reply
To get laptop to phone to work, simply creating the key and copying to laptop and renaming in the .ssh directory seemed to work straight away
I have since re-copied from laptop to phone and renamed in .ssh directory there but am still not able to connect
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.