Can't sftp into server Permission denied, please try again
Same answer as on askubuntu:
You need to set PasswordAuthentication yes
instead of PasswordAuthentication no
in your sshd_config
.
Related videos on Youtube
Comments
-
hurnhu over 1 year
While trying to SFTP in to my server i get
debug1: Authentications that can continue: publickey,password Permission denied, please try again.
Even though i am using the right password.
SSHD_CONFIG for server im trying to connect to.
# Package generated configuration file # See the sshd_config(5) manpage for details # What ports, IPs and protocols we listen for Port 25595 # Use these options to restrict which interfaces/protocols sshd will bind to #ListenAddress :: #ListenAddress 0.0.0.0 Protocol 2 # HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key HostKey /etc/ssh/ssh_host_ecdsa_key HostKey /etc/ssh/ssh_host_ed25519_key #Privilege Separation is turned on for security UsePrivilegeSeparation yes # Lifetime and size of ephemeral version 1 server key KeyRegenerationInterval 3600 ServerKeyBits 1024 # Logging SyslogFacility AUTH LogLevel INFO # Authentication: LoginGraceTime 120 PermitRootLogin without-password StrictModes yes RSAAuthentication yes PubkeyAuthentication no #AuthorizedKeysFile %h/.ssh/authorized_keys # Don't read the user's ~/.rhosts and ~/.shosts files IgnoreRhosts yes # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes # To enable empty passwords, change to yes (NOT RECOMMENDED) PermitEmptyPasswords no # Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) ChallengeResponseAuthentication no # Change to no to disable tunnelled clear text passwords PasswordAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosGetAFSToken no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes X11Forwarding yes X11DisplayOffset 10 PrintMotd no PrintLastLog yes TCPKeepAlive yes #UseLogin no #MaxStartups 10:30:60 #Banner /etc/issue.net # Allow client to pass locale environment variables AcceptEnv LANG LC_* Subsystem sftp /usr/lib/openssh/sftp-server -l INFO # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via ChallengeResponseAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. UsePAM yes
Full sftp -v -v -v -p HostImConnectingto 25595 output
debug3: load_hostkeys: loading entries for host "HostImConnectingto" from file "/home/grayson/.ssh/known_hosts" debug3: load_hostkeys: found key type ECDSA in file /home/grayson/.ssh/known_hosts:2 debug3: load_hostkeys: loaded 1 keys debug3: load_hostkeys: loading entries for host "24.231.182.21" from file "/home/grayson/.ssh/known_hosts" debug3: load_hostkeys: found key type ECDSA in file /home/grayson/.ssh/known_hosts:3 debug3: load_hostkeys: loaded 1 keys debug1: Host 'HostImConnectingto' is known and matches the ECDSA host key. debug1: Found key in /home/grayson/.ssh/known_hosts:2 debug1: ssh_ecdsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /home/grayson/.ssh/id_rsa ((nil)), debug2: key: /home/grayson/.ssh/id_dsa ((nil)), debug2: key: /home/grayson/.ssh/id_ecdsa ((nil)), debug2: key: /home/grayson/.ssh/id_ed25519 ((nil)), debug1: Authentications that can continue: publickey,password debug3: start over, passed a different list publickey,password debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Trying private key: /home/grayson/.ssh/id_rsa debug3: no such identity: /home/grayson/.ssh/id_rsa: No such file or directory debug1: Trying private key: /home/grayson/.ssh/id_dsa debug3: no such identity: /home/grayson/.ssh/id_dsa: No such file or directory debug1: Trying private key: /home/grayson/.ssh/id_ecdsa debug3: no such identity: /home/grayson/.ssh/id_ecdsa: No such file or directory debug1: Trying private key: /home/grayson/.ssh/id_ed25519 debug3: no such identity: /home/grayson/.ssh/id_ed25519: No such file or directory debug2: we did not send a packet, disable method debug3: authmethod_lookup password debug3: remaining preferred: ,password debug3: authmethod_is_enabled password debug1: Next authentication method: password [email protected]'s password: debug3: packet_send2: adding 48 (len 64 padlen 16 extra_pad 64) debug2: we sent a password packet, wait for reply debug1: Authentications that can continue: publickey,password Permission denied, please try again. grayson@HostImConnectingto password:
I can putty into the box fine, but when i try ssh -p 25595 user@WhereImTryingToConnect from another box it does not work. both boxes are ubuntu 14.04
EDIT 1: i have changed PasswordAuthentication from no to yes, and restarted the ssh service. but when i try sftp -v -v -v -p [email protected] 25595. i am still getting the error
debug1: Authentications that can continue: publickey,password Permission denied, please try again.
i have tried 2 different users, and i can verify both passwords have been put in correctly
EDIT 2: i have gotten ssh from box b (computer trying to connect) and box a (computer im connecting to) first i gened a key on box b. then tried to copy the key to box a, got an error saying
bash: line 2: .ssh/authorized_keys: Permission denied
so my first thought was okay permissions on box a are messed up. (even though ive set them to 700 and 600 respectively ) I then went and set ~/.ssh to 777 (THIS IS BAD DO NOT DO) and i also set ~/.ssh/ to 777 (ALSO BAD). with this i was able to copy my ssh key from box b to box a. I am now also able to remote in to box A from B. but i can still not SFTP into box a from b...
-
hurnhu over 8 years@qasdfdsaq currently i am trying to look for the system log that has the reason.. but from what i found it should be in the auth log.. but i can not find the auth log in /etc/log..
-
qasdfdsaq over 8 yearsLogs are in /var/log not /etc/log
-
hurnhu over 8 years@qasdfdsaq oops i ment /var/log.. currently auth.log is not there :(
-
qasdfdsaq over 8 yearsThen you need to add the appropriate logging directives into your sshd_config (SyslogFacility AUTH LogLevel INFO)
-
hurnhu over 8 years@qasdfdsaq i have added Subsystem sftp /usr/lib/openssh/sftp-server -l verbose to my sshd_config, but still nothing in my auth.log..
-
-
hurnhu over 8 yearsi have changed the config to PasswordAuthentication yes, but still no luck..
-
에이바 over 8 yearsDid you restart SSH after you made the change? Ex.
sudo service sshd restart
-
Nikolay Baranenko almost 6 yearsin my variant in /etc/ssh/sshd_config already did exist tunning PasswordAuthentication Yes and did return error Permission denied, please try again.