ssh -- Permission denied (publickey,password,keyboard-interactive).
 

I recently installed OpenSSH on a CoreLinux machine and have a problem.

From the CoreLinux machine I can ssh out to any machine without any problems. However, when I ssh to the CoreLinux machine (from anywhere) it fails and outputs the following message after three login attempts:

"Permission denied (publickey,password,keyboard-interactive)."

On the CoreLinux machine /var/log/syslog indicates the failure with the message "<timestamp> <machine name> sshd[395]: Failed password for <acct> from <addr> port 1338 ssh2". I know that the account on the CoreLinux machine is working because I can login from the console. I can see sshd running. It was started with the command "sshd -p 22"

Does anyone know what I'm doing wrong? Thanks in advance!

Try ssh'ing to the Corelinux machine from itself. Not sure what this will accomplish other than making sure the sshd has a config file that will allow any logins...

Also, did it ask you for the user name? Or did you pass the user name? I once spent 30 minutes fighting an sshd because I didn't realize that it was trying to log me on as the user on my current machine instead of the user on my debian system... Doh!

thank you for your reply,

>Try ssh'ing to the Corelinux machine from itself. Not
>sure what this will accomplish other than making sure
>the sshd has a config file that will allow any logins...

i did try 'ssh user@machine' and had the same results. regarding the sshd_config file, i didn't make any changes to it. all the options are commented out. could this be the problem? permissions?

the client side seems ok. i can ssh to any machine and log in.


>Also, did it ask you for the user name? Or did you pass
>the user name? I once spent 30 minutes fighting an sshd
>because I didn't realize that it was trying to log me on
>as the user on my current machine instead of the user on
>my debian system... Doh!

i passed the username on the command line. it only asked for the password.

thanks again,

Did you try ssh'ing the corel machine from the corel machine (i.e. ssh user@localhost)? This was to test the ssh server on the corel machine (I figure if anything were to work, an ssh to localhost would).

I would read through the config file and see if anything intuitively makes sense to uncomment. Make sure you're reading the sshd_config file, not the ssh_config file. ssh is working fine you said, it's sshd that you're having problems with.

Here's a copy of my sshd_config file:

I also just realized that I get the same error you describe if I try to ssh root@localhost because I have PermitRootLogin no in sshd_config. But I can login as user fine, so it must be a configuration issue.

>Did you try ssh'ing the corel machine from the corel
>machine (i.e. ssh user@localhost)? This was to test the
>ssh server on the corel machine (I figure if anything were
>to work, an ssh to localhost would).

yes, i did try to ssh to the local machine: 'ssh user@corelinux' without good results. i still get the failure message as mentioned before. again, i can ssh to another machine with success (from corelinux).

>I would read through the config file and see if anything
>intuitively makes sense to uncomment. Make sure you're
>reading the sshd_config file, not the ssh_config file. ssh
>is working fine you said, it's sshd that you're having
>problems with.

i'm not in front of the machine at the moment, so i'll have a look tomorrow.

>I also just realized that I get the same error you
>describe if I try to ssh root@localhost because I have
>PermitRootLogin no in sshd_config. But I can login as user
>fine, so it must be a configuration issue.

i'm hoping it is as simple as that.
- would it help for me to post my sshd_config file?
- is there anyway to have the server output debug messages?

thanks again for you replies...

===============================================================
some additional information...

i up-rev'd the corelinux machine to openssh 3.7.1p2, the same
version as a machine that i know works. also, i copied the
sshd* configuration files from the working to the corelinux
machine. i compared the output of the sshd (sshd -d) between
the working machine and corelinux. i ran it on the working
machine in order to see what it looks like when it works, then
on the corelinux machine. outputs on both machines looked the
same until the password was entered. the corelinux box output
two messages indicating that the password failed. also, i modifed
the password of the user account i'm logging into just to see
if that would make a difference. unfortunately it didn't.

could there be a permissions issue?
what do you think?

thanks,
===============================================================

ssh logini s failing
 

Hi all,
i have read this thread & seems very familir to the issue i am facing right now.
I am trying to login from my windows m/c to linux machine using ssh w/o givng password. I created my public-pvt key pair using putty gen. & copied it to the linux file (authentication_key) in .ssh/ folder.

When i try 2 login it fails saying;
Permission denied (publickey,password,keyboard-interactive).

I would request to pls help me in this.


Regards

First post to LQ and FWIW

To fix this problem I simply reset the password on the receiver and Voila!

But first lots of other ideas to no avail.

For me the sshd receiver was Cygwin running on XP.

BTW this howto helped me lots //ist.uwaterloo.ca/~kscully/CygwinSSHD_W2K3.html called Installing the Cygwin SSH daemon How to setup the secure shell daemon on a Windows 2003 server

Commenting below Line in /etc/ssh/sshd_config , and restart sshd service. it worked for me.

ChallengeResponseAuthentication no

Thanks, this worked for me too!

When ChallengeResponseAuthentication is set to no, SSHD will only authenticate by public/private key, not by password. In order to authenticate by key instead of password, the public key for the client user must be in the authorized_keys of the server user, usually ~/.ssh/authorized_keys.

Crucial Info
 

I know this thread is quite old but I stumbled up this because I had a similar issue with no solution to be found. What bdoughty1970 said was absolutely spot on.

You have to make sure that you add the client public key to server authorized_keys
client: id_rsa.pub
server_user: ~/.ssh/authorized_keys

if you scp the client public key to server user.
scp ~/.ssh/id_rsa.pub serverUsername@host.com:/home/serverUsername

then copy the contents into the authorized keys (after logging into the server as the user)

cat id_rsa.pub >> ~/.ssh/authorized_keys.

and then bingo! It should work.


P.S.
This is assuming you have correct permissions and have also set up /etc/ssh/sshd_config (on the server) correctly.
For the sshd_config make sure you either add or uncomment this line:
AuthorizedKeysFile %h/.ssh/authorized_keys

Further note to Ishikawa91, post 11
 

The thread is two years older now! Ishikawa91's post is bang on in describing the problem and furthermore it is a model post in giving directions that can actually be followed.

I answered a question incorrectly when I secure shell'ed into another server, in my case from an Ubuntu workstation to a Debian server. It all works now.

Thank you!