How to ssh into localhost? (permission denied publickey)

aztroboy · 03-21-2013, 10:17 PM

Greetings,

I have searched for a solution to this problem with no luck:

I am trying to install hadoop on my Ubuntu machine. For that to happen, I need to setup keys so that the localhost can ssh into the same machine (inception?)

I currently ssh into the machine without needing to use a passphrase.

I have setup new keys so that hadoop can work on the same machine. I used the following commands:

Code:

sudo ssh-keygen -t dsa
sudo cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys

all files in /.ssh folder have an 600 chmod permission

however, if I try to ssh into localhost it prompts:

Code:

Permission denied (publickey).

if I run sudo ssh localhost -v, the last lines are:

Code:

debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Offering DSA public key: /root/.ssh/id_dsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: No more authentication methods to try.
Permission denied (publickey).

I have to mention that I have created several keys and erased some others in the authorized_key file, leaving only the one that lets me ssh into the machine.

I would like to know how to get rid of this Permission denied (publickey) error.

linosaurusroot · 03-21-2013, 10:21 PM

Why did you generate RSA but then add DSA to the authorized_keys ?

evo2 · 03-21-2013, 10:25 PM

Hi,

you can check /var/log/auth.log to see the output from the ssh server: it might provide some useful information as to what is going on. You can also get more information on the client side by adding a few more v's. Eg

Code:

ssh -vvvv localhost

BTW, why are you using sudo to generate the key? Generally you shouldn't ssh to anywheere as root, and very often (always no the machines I administer) root ssh logins are disabled in /etc/ssh/sshd_config wit hthe line:

Code:

PermitRootLogin no

Evo2.

linosaurusroot · 03-21-2013, 10:30 PM

You've also been doing funny things with sudo. Can you show us what you get from

Code:

sudo -l

(interested in always_set_home) ?

This will create a pair of files owned by root (if they don't already exist) either under ~root or in the CWD.

Code:

sudo ssh-keygen -t rsa

This will attempt

Code:

sudo cat

with two files related to the home directory of the current user.

Code:

sudo cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys

aztroboy · 03-21-2013, 10:46 PM

Sorry I just edited the command. I used dsa all the time on all the commands

I used:

sudo ssh-keygen -t dsa
sudo cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys

Quote:

Originally Posted by linosaurusroot

You've also been doing funny things with sudo. Can you show us what you get from

Code:

sudo -l

(interested in always_set_home) ?

This will create a pair of files owned by root (if they don't already exist) either under ~root or in the CWD.

Code:

sudo ssh-keygen -t rsa

This will attempt

Code:

sudo cat

with two files related to the home directory of the current user.

Code:

sudo cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys

it prompts the following:

Code:

Matching Defaults entries for ubuntu on this host:
    env_reset,
    secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin

User ubuntu may run the following commands on this host:
    (ALL) ALL
    (ALL) NOPASSWD: ALL

BTW my current user is ubuntu, not root. In this case, what should I do?
(relevant: I'm ssh-ing from my PC to a remote PC and we don't need passphrases (already set keys for both machines), now I'm trying to make the remote PC to ssh into localhost without luck. I have to use the user ubuntu. Maybe I should give him root priviledges?)

BTW the PermitRootLogin is set to yes

linosaurusroot · 03-22-2013, 07:56 AM

I agree you should be looking at logs (such as /var/log/auth.log) to get more info on this.

If you're intending hadoop to work as the "ubuntu" user do all your ssh setup as "ubuntu" without using sudo. If you're intending hadoop to work as root then work from a root shell without using sudo on each command.

evo2 · 03-23-2013, 07:29 PM

Hi,

if you are using the user "ubuntu", then please stop doing things with sudo. Forget about sudo and root. Repeat the key generation and copying to authorized_keys as the user "ubuntu". Then try to "ssh -vvv localhost" again: check the output, read /var/log/auth.log etc.

Evo2.