Try DigitalOcean free for up to two months!

How to make public key SSH access working please?

Discussion in 'Command Line' started by postcd, Nov 10, 2016.

  1. postcd

    postcd Member

    Joined:
    Apr 16, 2014
    Messages:
    147
    Likes Received:
    10
    Hello,

    i want to access server via SSH without need to enter password, so i thought i will generate public key and share it with server from which i will be accessing, but it do not works. Says: "# ssh -l root localhost -p 7000
    Permission denied (publickey)."

    why i am connecting localhost? because i set port forwarding from localhost to destination LAN/firewalled by executing command ssh -fN -R 7000:localhost:22 username@PublicServerIPhere on the server i want to connect. It should work, password access worked, but not public key, returns "Permission denied (publickey)."

    Error appears even after i logged in server i want to connect and executed ssh-keygen and then ssh-copy-id IPOfTheServerFromWhichINeedPasswordLesAccess
    it worked and when i re-run, it says: "All keys were skipped because they already exist on the remote system."
    So key should be coppied.

    Where is the problem please? This is sshd_config of the server i am trying to connect (one that refuse ssh pub. key connection and allows password connection):

    source server (from which i am connecting) is CentOS(redhat), destination server which refusing pub.key access is Debian.

    Thank you for help :-/
     
  2. postcd

    postcd Member

    Joined:
    Apr 16, 2014
    Messages:
    147
    Likes Received:
    10
    update: ISSUE SOLVED

    in this scenario, i had to not only add server's key to the client's authorized_keys file, but also vice versa (client's key to the server). Then it started working.

    The problem was with these sshd-config lines:
    To allow password auth. for root:
    To allow only authorized keys (public key access):
    and do not forget: service ssh reload
     
  3. jakester

    jakester New Member

    Joined:
    Mar 18, 2017
    Messages:
    5
    Likes Received:
    0
    you didnt solve problems; you created them. logging in and permitting root over network is incredibly stupid, and disabled on purpose.
     

Share This Page