LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 03-01-2011, 04:43 AM   #1
j.smith1981
Member
 
Registered: Feb 2009
Distribution: Mainly CentOS6.4 x64
Posts: 161

Rep: Reputation: 1
Question No supported authentication methods available when using a private key for login


I keep getting the above message when trying to login to my server using a private key, is there something I am missing from the configs here?

Quote:
# $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $

# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.

Port 22
Protocol 2
#AddressFamily any
ListenAddress 192.168.0.2
#ListenAddress ::

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768

# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
SyslogFacility AUTHPRIV
#LogLevel INFO

# Authentication:

LoginGraceTime 30
#PermitRootLogin yes
#StrictModes yes
MaxAuthTries 1

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
#PasswordAuthentication yes
PasswordAuthentication no

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
ChallengeResponseAuthentication no

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
#GSSAPIAuthentication no
GSSAPIAuthentication yes
#GSSAPICleanupCredentials yes
GSSAPICleanupCredentials yes

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication mechanism.
# Depending on your PAM configuration, this may bypass the setting of
# PasswordAuthentication, PermitEmptyPasswords, and
# "PermitRootLogin without-password". If you just want the PAM account and
# session checks to run without PAM authentication, then enable this but set
# ChallengeResponseAuthentication=no
#UsePAM no
UsePAM yes

# Accept locale-related environment variables
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#ShowPatchLevel no
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
#PermitTunnel no
#ChrootDirectory none

# no default banner path
#Banner /some/path

# override default of no subsystems
Subsystem sftp /usr/libexec/openssh/sftp-server
It's pretty much the default except for not allowing password logins, am I missing something here at all?

Thanks,
Jez.
 
Old 03-01-2011, 09:26 AM   #2
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
What OS / version? If CentOS (as in your profile), then check /var/log/secure for clues.
 
Old 03-01-2011, 09:29 AM   #3
j.smith1981
Member
 
Registered: Feb 2009
Distribution: Mainly CentOS6.4 x64
Posts: 161

Original Poster
Rep: Reputation: 1
That is where I got the log error from in the first place!

It's centos 5.5.
 
Old 03-01-2011, 11:42 AM   #4
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
You didn't mention that in your first post.

Assuming there is nothing else in /var/log/secure that may clue you in (e.g. permissions issues), then you've likely set up pubkey authentication incorrectly for the user you're testing.
 
Old 03-01-2011, 12:43 PM   #5
SL00b
Member
 
Registered: Feb 2011
Location: LA, US
Distribution: SLES
Posts: 375

Rep: Reputation: 112Reputation: 112
If you're trying to log in to your server, you should have the public key, not the private one.

If the problem is in the ssh config, I'd suggest starting a verbose ssh session (ssh -v <hostname>), and look to see what authentication methods it's accepting. You should find a line near the password prompt like this:

debug1: Authentications that can continue: publickey,keyboard-interactive
 
Old 03-02-2011, 04:43 AM   #6
j.smith1981
Member
 
Registered: Feb 2009
Distribution: Mainly CentOS6.4 x64
Posts: 161

Original Poster
Rep: Reputation: 1
I will retry this when I get a moment.

I mean from the configs are they alright for doing publickey authentication then?

No I mean that's fine if its permissions, I mean I did actually think that but rather than going off my own assumptions I thought I would get another person to check over it.

What permissions are actually required then? Also for the directory would be useful, i.e. does it need to just be the root user, even for other users?

Bit confused about that one!

Thank you for your help and I look forward to your reply,
Jez.
 
Old 03-02-2011, 06:41 AM   #7
j.smith1981
Member
 
Registered: Feb 2009
Distribution: Mainly CentOS6.4 x64
Posts: 161

Original Poster
Rep: Reputation: 1
Question

Hmm I mean this doesnt work, what I have just attempted.

WinSCP, that I use to log into my server to see directories keeps saying:

Quote:
Using username "myuser".
Server refused our key.
Hmm still keeps coming up with the log messages as before, allowed for RSA authentication though as the configs go, any suggestions again?

I thought that might fix it but it hasnt, remember doing this successfully with centos 4.8, but I think maybe there might be a step I am probably missing, any indications?

I am sure with a bit of effort I may be able to get this working (should actually lol).

Hmm any thoughts?

Thanks again for your help though!
Jez.
 
Old 03-02-2011, 07:01 AM   #8
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 15.2
Posts: 1,339

Rep: Reputation: 260Reputation: 260Reputation: 260
Did you create an ssh1 key by accident? You are login in from a Windows machine I assume as you mention WinSCP - how did you create the key? The public part is just one long line you installed on the server?
 
Old 03-02-2011, 09:14 AM   #9
SL00b
Member
 
Registered: Feb 2011
Location: LA, US
Distribution: SLES
Posts: 375

Rep: Reputation: 112Reputation: 112
Quote:
Originally Posted by j.smith1981 View Post
Hmm I mean this doesnt work, what I have just attempted.

WinSCP, that I use to log into my server to see directories keeps saying:



Hmm still keeps coming up with the log messages as before, allowed for RSA authentication though as the configs go, any suggestions again?

I thought that might fix it but it hasnt, remember doing this successfully with centos 4.8, but I think maybe there might be a step I am probably missing, any indications?

I am sure with a bit of effort I may be able to get this working (should actually lol).

Hmm any thoughts?

Thanks again for your help though!
Jez.
My thoughts are exactly the same as they were before:

- Go to a command line.
- Start a verbose ssh session
- Post the results

Also, as Reuti says, if you want us to help you figure out where you might have "missed a step," then you'd better walk us through the process you followed.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How can I setup SSH private key authentication? davidlu766 Linux - Server 3 04-29-2010 08:32 AM
SSH public / private key authentication problems thronh Linux - Security 7 06-14-2006 12:21 PM
ssh - No supported authentication methods rajah9 Linux - Networking 4 08-19-2005 02:59 PM
Can someone explain the basics of private-key authentication through SSH? lowpro2k3 Linux - Security 2 06-09-2005 12:22 AM
public/private key authentication with PuTTY NetAX Linux - Security 5 10-27-2004 07:00 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 05:50 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration