ssh authentication with id_rsa key not working

14.04 ssh openssh

17,590

The problem is in the ssh server. The authorized key file is set as /opt/gitolite/.ssh/authorized_keys but the file contains the path to the public key of the client rather that the key itself.

To solve this issue you need to copy the public key as it is to the /opt/gitolite/.ssh/authorized_keys file removing all other existing irrelevant contents of the file. Note that this file should be owned by the appropriate user and the permission bits should be 600.

17,590

Gerard van den Bosch

Updated on September 18, 2022

Comments

Gerard van den Bosch 3 months
Openssh seems to locate my id_rsa key but then after:
```
debug2: we sent a publickey packet, wait for reply
```
It start over again with:
```
debug1: Authentications that can continue: publickey,password
```
And eventually asks for a password instead of using my publickey.

From the log I can't really see what is going wrong...

This is the output concerning the authentication:
```
debug2: key: /opt/redmine/.ssh/id_rsa (0x7fe9e43e2900),
debug2: key: /opt/redmine/.ssh/id_dsa ((nil)),
debug2: key: /opt/redmine/.ssh/id_ecdsa ((nil)),
debug2: key: /opt/redmine/.ssh/id_ed25519 ((nil)),
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /opt/redmine/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /opt/redmine/.ssh/id_dsa
debug3: no such identity: /opt/redmine/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /opt/redmine/.ssh/id_ecdsa
debug3: no such identity: /opt/redmine/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /opt/redmine/.ssh/id_ed25519
debug3: no such identity: /opt/redmine/.ssh/id_ed25519: No such file or directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
```
Anyone a pointer where to look where this is going wrong?
- heemayl about 7 years
  
  Whats the output of grep 'IdentityFile' /etc/ssh/ssh_config ?
- heemayl about 7 years
  
  Remove the # from the front of line IdentityFile ~/.ssh/id_rsa and then check..
- Gerard van den Bosch about 7 years
  
  Output stays the same after the change, it still asks for password
- heemayl about 7 years
  
  No it should not..whats the output of file /opt/redmine/.ssh/id_rsa?
- Gerard van den Bosch about 7 years
  
  [email protected]:~$ file /opt/redmine/.ssh/id_rsa /opt/redmine/.ssh/id_rsa: symbolic link to `/opt/redmine/.ssh/redmine_gitolite_admin_id_rsa' [email protected]:~$ file /opt/redmine/.ssh/redmine_gitolite_admin_id_rsa /opt/redmine/.ssh/redmine_gitolite_admin_id_rsa: PEM RSA private key
- heemayl about 7 years
  
  Have you copied the public key /opt/redmine/.ssh/id_rsa.pub to the server's authorized_keys file?
- Gerard van den Bosch about 7 years
  
  I don't exactly know that, the host is in known_hosts. I am trying to follow this guide redmine.org/projects/redmine/wiki/… I am following it for the second time, first time I had no problem with this, checked all steps already few times but can't seem to find out what is going wrong
- heemayl about 7 years
  
  From the client do: ssh-copy-id -i /opt/redmine/.ssh/id_rsa.pub [email protected]
- Gerard van den Bosch about 7 years
  
  I just found the file, it is managed by gitolite. It is in /opt/gitolite/.ssh/authorized_keys and the content is # gitolite start command="/usr/share/gitolite/gl-auth-command admin",no-port-forwarding,no-X11-forwarding,no-agent-forward‌ing,no-pty /opt/redmine/.ssh/redmine_gitolite_admin_id_rsa.pub # gitolite end
- Gerard van den Bosch about 7 years
  
  I see the problem now, this file should have the contents of the public key file and not the path to it. I must have done something wrong with dpkg-reconfigure gitolite. It is working now, thank you for your assistance.
- Gerard van den Bosch about 7 years
  
  Yes, that would be great :)