I am a bit puzzled. I am not able to ssh to my CENTOS 7 server key-based only
ssh with user password of the server works fine
When I set to 'PasswordAuthentication no' in sshd_config file of the server, I get the following message: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
debug1: Next authentication method: publickey
debug1: Trying private key: /home/<my_user>/.ssh/id_rsa
debug1: Trying private key: /home/<my_user>/.ssh/id_dsa
debug1: Offering ECDSA public key: /home/<my_user>/.ssh/id_ecdsa
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug1: Trying private key: /home/wp.rauchholz/.ssh/id_ed25519
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
I reset my server to and set in sshd_config 'PasswordAuthentication yes' again to be able to login.
I ran ssh -v -p 4381 <my_user>@X.X.X.X to debug when logging into the server
On the server, the .ssh and autorized_keys are set to chmod 600 and owned by the local user.
What am I missing?
debug1: Next authentication method: publickey
debug1: Trying private key: /home/<my_user>/.ssh/id_rsa
debug1: Trying private key: /home/<my_user>/.ssh/id_dsa
debug1: Offering ECDSA public key: /home/<my_user>/.ssh/id_ecdsa
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /home/<my_user>/.ssh/id_ed25519
debug1: Next authentication method: password
<my_user>@X.X.X.X's password:
debug1: Authentication succeeded (password).
Authenticated to X.X.X.X ([X.X.X.X]:4381).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: network
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: Remote: Ignored authorized keys: bad ownership or modes for directory /home/<my_user>/.ssh
debug1: Sending environment.
debug1: Sending env XMODIFIERS = @im=none
debug1: Sending env LANG = en_US.utf8
Last login: Mon Nov 19 12:02:26 2018 from X.X.X.X
SSH Key-Based Authentication
Re: SSH Key-Based Authentication
debug1: Remote: Ignored authorized keys: bad ownership or modes for directory /home/<my_user>/.ssh
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
-
wp.rauchholz
- Posts: 133
- Joined: 2016/11/20 11:58:45
Re: SSH Key-Based Authentication
I have seen this error too.
But then I don't know what the issue is.
* /home/<my_user_>/.ssh, and
* /home/<my_user_>/.ssh/authorized_keys
are owned by <my_user> and I chmod 600 authorized key.
I chmod also .ssh now, this error message is gone, but I still cannot enter key-based and get Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
.ssh/authorized_keys was not created manually, but via ssh-copy-id command
Not sure what bad ownership or modes could mean?
Wolfgang
But then I don't know what the issue is.
* /home/<my_user_>/.ssh, and
* /home/<my_user_>/.ssh/authorized_keys
are owned by <my_user> and I chmod 600 authorized key.
I chmod also .ssh now, this error message is gone, but I still cannot enter key-based and get Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
.ssh/authorized_keys was not created manually, but via ssh-copy-id command
Not sure what bad ownership or modes could mean?
Wolfgang
-
wp.rauchholz
- Posts: 133
- Joined: 2016/11/20 11:58:45
Re: SSH Key-Based Authentication
Solved.. chmod for .ssh is 700, not 600
Wolfgang
Wolfgang