SSH key authorization without password

There is a need for authorization in Linux using the SSH key. Made the keys (public and private). Public copied to: /home/eugene/.ssh/authorized_keys.

What's in the file (one line):

Ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAjqa1EnAnrlEx5NS6py6SmsQzAWpw8/7suyAa mPMr16yMX1BZfyzO7LFA/6MRvJ4dCRxnhJNJD2IW/FGZGg5iJNndw+42HuDkiPEX VcX2XYk9yXUAYX5xqR9zzdafsDZsekelsGATibBWa8iJi4RiW3xozDzKdobM9n17 Ok2rAMk=

In the configuration file SSH:

Port 22
Protocol 2
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile ~/.ssh/authorized_keys

I didn't write everything. It's kind of basic. If anything, please correct it.

I enter through the putti with a private key, and writes in response:

Server refused our key

I tried other clients as well. It's still the same the most.

Addendum.

Mar 15 18:04:20 ht-5 sshd[16966]: debug1: PAM: initializing for "eugene"
Mar 15 18:04:20 ht-5 sshd[16966]: debug1: PAM: setting PAM_RHOST to "*-*-191-67.*.ua"
Mar 15 18:04:20 ht-5 sshd[16966]: debug1: PAM: setting PAM_TTY to "ssh"
Mar 15 18:04:20 ht-5 sshd[16966]: Failed none for eugene from *.*.191.67 port 59873 s sh2
Mar 15 18:04:20 ht-5 sshd[16966]: debug1: Checking blacklist file /usr/share/ssh/ blacklis t.RSA-1024
Mar 15 18:04:20 ht-5 sshd[16966]: debug1: Checking blacklist file /etc/ssh/blacklist.RSA- 1024
Mar 15 18:04:20 ht-5 sshd[16966]: debug1: temporarily_use_uid: 1000/1000 (e=0/0)
Mar 15 18:04:20 ht-5 sshd[16966]: debug1: trying public key file /root/.ssh/authorized_keys
Mar 15 18:04:20 ht-5 sshd[16966]: debug1: Could not open keyfile '/root/.ssh/authorized_keys': Permission denied
Mar 15 18:04:20 ht-5 sshd[16966]: debug1: restore_uid: 0/0
Mar 15 18:04:20 ht-5 sshd[16966]: debug1: temporarily_use_uid: 1000/1000 (e=0/0)
Mar 15 18:04:20 ht-5 sshd[16966]: debug1: trying public key file /root/.ssh/authorized_keys
Mar 15 18:04:20 ht-5 sshd[16966]: debug1: Could not open keyfile '/root/.ssh/authorized_keys': Permission denied
Mar 15 18:04:20 ht-5 sshd[16966]: debug1: restore_uid: 0/0
Mar 15 18:04:20 ht-5 sshd[16966]: Failed publickey for eugene from *.*.191.67 port 59873 ssh2

Author: Nicolas Chabanovsky, 2011-03-15
Source

4 answers

If you can get in with a password, then it makes sense to look at the logs, why sshd discourages authorization by the key. You can also enable DEGUB logging in the sshd config.

We do this.

1) Enable the debug log for sshd:

# Logging
SyslogFacility AUTH
LogLevel DEBUG

And rebut sshd.

2) Connect to the server via ssh with a password. And we put the log on tracking:

- tail -f /var/log/auth.log

3) The second session we try to connect with the key and in real time we look at what is written in the log.

Addendum.

That's right.

Here are the errors:

Mar 15 18:04:20 ht-5 sshd[16966]: debug1: trying public key file /root/.ssh/authorized_keys
Mar 15 18:04:20 ht-5 sshd[16966]: debug1: Could not open keyfile '/root/.ssh/authorized_keys': Permission denied
Mar 15 18:04:20 ht-5 sshd[16966]: debug1: restore_uid: 0/0
Mar 15 18:04:20 ht-5 sshd[16966]: debug1: temporarily_use_uid: 1000/1000 (e=0/0)
Mar 15 18:04:20 ht-5 sshd[16966]: debug1: trying public key file /root/.ssh/authorized_keys
Mar 15 18:04:20 ht-5 sshd[16966]: debug1: Could not open keyfile '/root/.ssh/authorized_keys': Permission denied

Permission denied

 3
Author: Veon, 2011-03-16 08:57:10

Solved the problem. it turns out that it was necessary to write in the configuration file:

AuthorizedKeysFile .ssh/authorized_keys

Instead of:

AuthorizedKeysFile ~/.ssh/authorized_keys

 0
Author: Eugene, 2011-03-17 17:58:42

The same problem was, it was all because of the rights to the user folder and the key. That's how it works.

[email protected] вот так в putty задаётся user drwx------ 2 user user 4096 Dec 22 13:06 .ssh такие права на папку Конфиг по умолчания Строку не раскрывал \#AuthorizedKeysFile %h/.ssh/authorized_keys

 0
Author: minoro, 2011-12-22 14:23:10

Well, the public key is not in root, but in eugene in the home directory.

 0
Author: Николай, 2015-11-13 08:03:26