ssh localhost: Permission denied (publickey) Ubuntu on WSL2
I spent a day googling on this and finally got it working.
Quoted from your -vvv
log:
debug1: Offering public key: /home/shervleradvm/.ssh/id_rsa RSA SHA256:WfkneDotRaioAvWLHi+4L0CpHg+EZ8cWMPPGbx/jUXQ debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 51
This shows that your public key is sent but the "receive packet: type 51" means permission issues on the server side (WSL in your case) when strict mode is enabled in your sshd_config
.
Inside WSL in your home folder set the permission very carefully:
- Owner and group should be set to your user on the
~/.ssh
and its files. - The folder
~/.ssh
should set to700 / drwx------
- The file
authorized_keys
should set to711 / -rwx--x--x
- The files
*.pub
should set to644 / -rw-r--r--
- All other files should set to
600 / -rw-------
Outside WSL in your home folder's .ssh
directory the config
file should look like this :
Host localhost
HostName localhost
User shervleradvm
PubkeyAuthentication yes
The param IdentityFile ~/.ssh/id_rsa
is not necessary.
Related videos on Youtube
Shervin Rad
Chemical Engineering with minor in Finance and Accounting. Learning functional programming and scripting for uni projects. Still very new to the Python world.
Updated on September 18, 2022Comments
-
Shervin Rad over 1 year
I'm having trouble "sshing" to localhost and getting a permission denied. I have tried everything from root or using sudo as well.
I'm having trouble "sshing" to localhost and getting a permission denied. I have tried everything from root or using sudo as well.
Ran the following:
ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys cat /root/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys chmod 0600 ~/.ssh/authorized_keys ssh localhost
As the root user I have also done the following in case I use either user and the directories get mixed up:
cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys cat /home/shervleradvm/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
First time was because the service was not running. So I did
sudo service ssh start
I have also disabled the ufw for the test.sudo ufw disable
read/write permissions on the key files aredrwx------ 2 shervleradvm shervleradvm 4096 Nov 21 23:15 . drwxr-xr-x 6 shervleradvm shervleradvm 4096 Nov 21 23:25 .. -rw-r----- 1 shervleradvm shervleradvm 1146 Nov 21 23:23 authorized_keys -r-------- 1 root shervleradvm 2610 Nov 18 13:17 id_rsa -r-------- 1 shervleradvm shervleradvm 577 Nov 18 13:17 id_rsa.pub -rw-r--r-- 1 shervleradvm shervleradvm 444 Nov 18 15:05 known_hosts
sshd_config file was missing the following so I added and tested each and combinations of:
- AllowUsers: added shervleradvm
- AuthorizedKeysFile: added ~/.ssh/authorized_keys /root/.ssh/authorized_keys
I then changed my config file a little after reading Please explain the complete steps involved in the installation of OpenSSH server on Ubuntu so now it looks like:
# $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options override the # default value. Include /etc/ssh/sshd_config.d/*.conf #Port 22 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_ecdsa_key #HostKey /etc/ssh/ssh_host_ed25519_key # Ciphers and keying #RekeyLimit default none # Logging #SyslogFacility AUTH ########################################## EDITED LogLevel VERBOSE ################################################## # Authentication: ############################################################## NEW STUFF ############ AllowUsers shervleradvm root ##################################################################################### #LoginGraceTime 2m ########################################### EDITED PermitRootLogin yes ################################################## #StrictModes yes #MaxAuthTries 6 #MaxSessions 10 PubkeyAuthentication yes # Expect .ssh/authorized_keys2 to be disregarded by default in future. ########################################################################### EDITED AuthorizedKeysFile ~/.ssh/authorized_keys /root/.ssh/authorized_keys #AuthorizedPrincipalsFile none #AuthorizedKeysCommand none #AuthorizedKeysCommandUser nobody # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes # To disable tunneled clear text passwords, change to no here! PasswordAuthentication no #PermitEmptyPasswords no # Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) ChallengeResponseAuthentication no # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #KerberosGetAFSToken no # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes #GSSAPIStrictAcceptorCheck yes #GSSAPIKeyExchange no # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via ChallengeResponseAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. UsePAM yes #AllowAgentForwarding yes ############################################ EDITED AllowTcpForwarding no #################################################### #GatewayPorts no ############################################ EDITED X11Forwarding no #################################################### #X11DisplayOffset 10 #X11UseLocalhost yes #PermitTTY yes PrintMotd no #PrintLastLog yes #TCPKeepAlive yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 #UseDNS no #PidFile /var/run/sshd.pid #MaxStartups 10:30:100 #PermitTunnel no #ChrootDirectory none #VersionAddendum none # no default banner path ########################################## EDITED Banner /etc/issue.net ##################################################### # Allow client to pass locale environment variables AcceptEnv LANG LC_* # override default of no subsystems Subsystem sftp /usr/lib/openssh/sftp-server # Example of overriding settings on a per-user basis #Match User anoncvs # X11Forwarding no # AllowTcpForwarding no # PermitTTY no # ForceCommand cvs server
I'm not sure what else I can try I've been stuck on this for days and I have read all the other questions regarding ssh.
The verbose output is:
OpenSSH_8.2p1 Ubuntu-4ubuntu0.1, OpenSSL 1.1.1f 31 Mar 2020 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files debug1: /etc/ssh/ssh_config line 21: Applying options for * debug1: Connecting to localhost [127.0.0.1] port 22. debug1: Connection established. debug1: identity file /home/shervleradvm/.ssh/id_rsa type 0 debug1: identity file /home/shervleradvm/.ssh/id_rsa-cert type -1 debug1: identity file /home/shervleradvm/.ssh/id_dsa type -1 debug1: identity file /home/shervleradvm/.ssh/id_dsa-cert type -1 debug1: identity file /home/shervleradvm/.ssh/id_ecdsa type -1 debug1: identity file /home/shervleradvm/.ssh/id_ecdsa-cert type -1 debug1: identity file /home/shervleradvm/.ssh/id_ecdsa_sk type -1 debug1: identity file /home/shervleradvm/.ssh/id_ecdsa_sk-cert type -1 debug1: identity file /home/shervleradvm/.ssh/id_ed25519 type -1 debug1: identity file /home/shervleradvm/.ssh/id_ed25519-cert type -1 debug1: identity file /home/shervleradvm/.ssh/id_ed25519_sk type -1 debug1: identity file /home/shervleradvm/.ssh/id_ed25519_sk-cert type -1 debug1: identity file /home/shervleradvm/.ssh/id_xmss type -1 debug1: identity file /home/shervleradvm/.ssh/id_xmss-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.1 debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2p1 Ubuntu-4ubuntu0.1 debug1: match: OpenSSH_8.2p1 Ubuntu-4ubuntu0.1 pat OpenSSH* compat 0x04000000 debug1: Authenticating to localhost:22 as 'shervleradvm' debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: ecdsa-sha2-nistp256 debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ecdsa-sha2-nistp256 SHA256:RhXPmgq8gMMrSRv7+VlpLb84pRnXi2vDiqdg0EfocK0 debug1: Host 'localhost' is known and matches the ECDSA host key. debug1: Found key in /home/shervleradvm/.ssh/known_hosts:1 debug1: rekey out after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: rekey in after 134217728 blocks debug1: Will attempt key: /home/shervleradvm/.ssh/id_rsa RSA SHA256:WfkneDotRaioAvWLHi+4L0CpHg+EZ8cWMPPGbx/jUXQ debug1: Will attempt key: /home/shervleradvm/.ssh/id_dsa debug1: Will attempt key: /home/shervleradvm/.ssh/id_ecdsa debug1: Will attempt key: /home/shervleradvm/.ssh/id_ecdsa_sk debug1: Will attempt key: /home/shervleradvm/.ssh/id_ed25519 debug1: Will attempt key: /home/shervleradvm/.ssh/id_ed25519_sk debug1: Will attempt key: /home/shervleradvm/.ssh/id_xmss debug1: SSH2_MSG_EXT_INFO received debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,[email protected],ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected]> debug1: SSH2_MSG_SERVICE_ACCEPT received *************************************************************************** SOME BANNER I HAVE PUT This computer system is the private property of its owner, whether individual, corporate or government. It is for authorized use only. Users (authorized or unauthorized) have no explicit or implicit expectation of privacy. Any or all uses of this system and all files on this system may be intercepted, monitored, recorded, copied, audited, inspected, and disclosed to your employer, to authorized site, government, and law enforcement personnel, as well as authorized officials of government agencies, both domestic and foreign. By using this system, the user consents to such interception, monitoring, recording, copying, auditing, inspection, and disclosure at the discretion of such personnel or officials. Unauthorized or improper use of this system may result in civil and criminal penalties and administrative or disciplinary action, as appropriate. By continuing to use this system you indicate your awareness of and consent to these terms and conditions of use. LOG OFF IMMEDIATELY if you do not agree to the conditions stated in this warning. **************************************************************************** debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Offering public key: /home/shervleradvm/.ssh/id_rsa RSA SHA256:WfkneDotRaioAvWLHi+4L0CpHg+EZ8cWMPPGbx/jUXQ debug1: Authentications that can continue: publickey debug1: Trying private key: /home/shervleradvm/.ssh/id_dsa debug1: Trying private key: /home/shervleradvm/.ssh/id_ecdsa debug1: Trying private key: /home/shervleradvm/.ssh/id_ecdsa_sk debug1: Trying private key: /home/shervleradvm/.ssh/id_ed25519 debug1: Trying private key: /home/shervleradvm/.ssh/id_ed25519_sk debug1: Trying private key: /home/shervleradvm/.ssh/id_xmss debug1: No more authentication methods to try. shervleradvm@localhost: Permission denied (publickey).
UPDATE 1: the syslog in /var/log/syslog only says:
Nov 20 01:05:54 ShervLeRad kernel: [35460.503034] WSL2: Performing memory compaction. Nov 20 01:06:55 ShervLeRad kernel: [35521.519400] WSL2: Performing memory compaction. Nov 20 01:07:56 ShervLeRad kernel: [35582.535366] WSL2: Performing memory compaction. Nov 20 01:08:57 ShervLeRad kernel: [35643.552061] WSL2: Performing memory compaction. Nov 20 01:09:58 ShervLeRad kernel: [35704.567029] WSL2: Performing memory compaction. Nov 20 01:10:59 ShervLeRad kernel: [35765.582427] WSL2: Performing memory compaction. Nov 20 01:12:00 ShervLeRad kernel: [35826.597374] WSL2: Performing memory compaction.
the auth.log in /var/log/auth.log says:
Nov 19 18:48:34 ShervLeRad sudo: shervleradvm : TTY=pts/0 ; PWD=/etc/ssh ; USER=root ; COMMAND=/usr/bin/ssh localhost Nov 19 18:48:34 ShervLeRad sudo: pam_unix(sudo:session): session opened for user root by (uid=0) Nov 19 18:48:34 ShervLeRad sshd[7026]: Connection closed by authenticating user root 127.0.0.1 port 39490 [preauth] Nov 19 18:48:34 ShervLeRad sudo: pam_unix(sudo:session): session closed for user root Nov 19 18:48:37 ShervLeRad sudo: shervleradvm : TTY=pts/0 ; PWD=/etc/ssh ; USER=root ; COMMAND=/usr/bin/vim sshd_config Nov 19 18:48:37 ShervLeRad sudo: pam_unix(sudo:session): session opened for user root by (uid=0) Nov 19 18:48:51 ShervLeRad sudo: pam_unix(sudo:session): session closed for user root
UPDATE 2: I ran ssh with -vvv and the output is:
OpenSSH_8.2p1 Ubuntu-4ubuntu0.1, OpenSSL 1.1.1f 31 Mar 2020 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files debug1: /etc/ssh/ssh_config line 21: Applying options for * debug2: resolving "localhost" port 22 debug2: ssh_connect_direct debug1: Connecting to localhost [127.0.0.1] port 22. debug1: Connection established. debug1: identity file /home/shervleradvm/.ssh/id_rsa type 0 debug1: identity file /home/shervleradvm/.ssh/id_rsa-cert type -1 debug1: identity file /home/shervleradvm/.ssh/id_dsa type -1 debug1: identity file /home/shervleradvm/.ssh/id_dsa-cert type -1 debug1: identity file /home/shervleradvm/.ssh/id_ecdsa type -1 debug1: identity file /home/shervleradvm/.ssh/id_ecdsa-cert type -1 debug1: identity file /home/shervleradvm/.ssh/id_ecdsa_sk type -1 debug1: identity file /home/shervleradvm/.ssh/id_ecdsa_sk-cert type -1 debug1: identity file /home/shervleradvm/.ssh/id_ed25519 type -1 debug1: identity file /home/shervleradvm/.ssh/id_ed25519-cert type -1 debug1: identity file /home/shervleradvm/.ssh/id_ed25519_sk type -1 debug1: identity file /home/shervleradvm/.ssh/id_ed25519_sk-cert type -1 debug1: identity file /home/shervleradvm/.ssh/id_xmss type -1 debug1: identity file /home/shervleradvm/.ssh/id_xmss-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.1 debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2p1 Ubuntu-4ubuntu0.1 debug1: match: OpenSSH_8.2p1 Ubuntu-4ubuntu0.1 pat OpenSSH* compat 0x04000000 debug2: fd 3 setting O_NONBLOCK debug1: Authenticating to localhost:22 as 'shervleradvm' debug3: hostkeys_foreach: reading file "/home/shervleradvm/.ssh/known_hosts" debug3: record_hostkey: found key type ECDSA in file /home/shervleradvm/.ssh/known_hosts:1 debug3: load_hostkeys: loaded 1 keys from localhost debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521 debug3: send packet: type 20 debug1: SSH2_MSG_KEXINIT sent debug3: receive packet: type 20 debug1: SSH2_MSG_KEXINIT received debug2: local client KEXINIT proposal debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c debug2: host key algorithms: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ssh-ed25519,[email protected],rsa-sha2-512,rsa-sha2-256,ssh-rsa debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected] debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected] debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: compression ctos: none,[email protected],zlib debug2: compression stoc: none,[email protected],zlib debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug2: peer server KEXINIT proposal debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256 debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected] debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected] debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: compression ctos: none,[email protected] debug2: compression stoc: none,[email protected] debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: ecdsa-sha2-nistp256 debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none debug3: send packet: type 30 debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug3: receive packet: type 31 debug1: Server host key: ecdsa-sha2-nistp256 SHA256:RhXPmgq8gMMrSRv7+VlpLb84pRnXi2vDiqdg0EfocK0 debug3: hostkeys_foreach: reading file "/home/shervleradvm/.ssh/known_hosts" debug3: record_hostkey: found key type ECDSA in file /home/shervleradvm/.ssh/known_hosts:1 debug3: load_hostkeys: loaded 1 keys from localhost debug1: Host 'localhost' is known and matches the ECDSA host key. debug1: Found key in /home/shervleradvm/.ssh/known_hosts:1 debug3: send packet: type 21 debug2: set_newkeys: mode 1 debug1: rekey out after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug3: receive packet: type 21 debug1: SSH2_MSG_NEWKEYS received debug2: set_newkeys: mode 0 debug1: rekey in after 134217728 blocks debug1: Will attempt key: /home/shervleradvm/.ssh/id_rsa RSA SHA256:WfkneDotRaioAvWLHi+4L0CpHg+EZ8cWMPPGbx/jUXQ debug1: Will attempt key: /home/shervleradvm/.ssh/id_dsa debug1: Will attempt key: /home/shervleradvm/.ssh/id_ecdsa debug1: Will attempt key: /home/shervleradvm/.ssh/id_ecdsa_sk debug1: Will attempt key: /home/shervleradvm/.ssh/id_ed25519 debug1: Will attempt key: /home/shervleradvm/.ssh/id_ed25519_sk debug1: Will attempt key: /home/shervleradvm/.ssh/id_xmss debug2: pubkey_prepare: done debug3: send packet: type 5 debug3: receive packet: type 7 debug1: SSH2_MSG_EXT_INFO received debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,[email protected],ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected]> debug3: receive packet: type 6 debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug3: send packet: type 50 debug3: receive packet: type 53 debug3: input_userauth_banner *************************************************************************** NOTICE TO USERS This computer system is the private property of its owner, whether individual, corporate or government. It is for authorized use only. Users (authorized or unauthorized) have no explicit or implicit expectation of privacy. Any or all uses of this system and all files on this system may be intercepted, monitored, recorded, copied, audited, inspected, and disclosed to your employer, to authorized site, government, and law enforcement personnel, as well as authorized officials of government agencies, both domestic and foreign. By using this system, the user consents to such interception, monitoring, recording, copying, auditing, inspection, and disclosure at the discretion of such personnel or officials. Unauthorized or improper use of this system may result in civil and criminal penalties and administrative or disciplinary action, as appropriate. By continuing to use this system you indicate your awareness of and consent to these terms and conditions of use. LOG OFF IMMEDIATELY if you do not agree to the conditions stated in this warning. **************************************************************************** debug3: receive packet: type 51 debug1: Authentications that can continue: publickey debug3: start over, passed a different list publickey debug3: preferred gssapi-with-mic,publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Offering public key: /home/shervleradvm/.ssh/id_rsa RSA SHA256:WfkneDotRaioAvWLHi+4L0CpHg+EZ8cWMPPGbx/jUXQ debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 51 debug1: Authentications that can continue: publickey debug1: Trying private key: /home/shervleradvm/.ssh/id_dsa debug3: no such identity: /home/shervleradvm/.ssh/id_dsa: No such file or directory debug1: Trying private key: /home/shervleradvm/.ssh/id_ecdsa debug3: no such identity: /home/shervleradvm/.ssh/id_ecdsa: No such file or directory debug1: Trying private key: /home/shervleradvm/.ssh/id_ecdsa_sk debug3: no such identity: /home/shervleradvm/.ssh/id_ecdsa_sk: No such file or directory debug1: Trying private key: /home/shervleradvm/.ssh/id_ed25519 debug3: no such identity: /home/shervleradvm/.ssh/id_ed25519: No such file or directory debug1: Trying private key: /home/shervleradvm/.ssh/id_ed25519_sk debug3: no such identity: /home/shervleradvm/.ssh/id_ed25519_sk: No such file or directory debug1: Trying private key: /home/shervleradvm/.ssh/id_xmss debug3: no such identity: /home/shervleradvm/.ssh/id_xmss: No such file or directory debug2: we did not send a packet, disable method debug1: No more authentication methods to try. shervleradvm@localhost: Permission denied (publickey).
UPDATE 3:
I just tried
ssh -i id_rsa localhost
from ~/.ssh dir of shervleradvm user to try defining private_key to use. That didn't work. So I didtouch config && vim config
then I defined the private key for the localhost:Host localhost HostName localhost User shervleradvm IdentityFile ~/.ssh/id_rsa
and then ran
ssh localhost
. The error presists.UPDATE 4: I changed the owner of the private key to shervleradvm and gave the following permissions:
-rw------- 1 shervleradvm shervleradvm 2610 Nov 18 13:17 id_rsa -r-------- 1 shervleradvm shervleradvm 577 Nov 18 13:17 id_rsa.pub
didn't help.
-
szegheo over 3 yearsI have the same problem. I've tried everything but I always get "Permission denied (publickey)". However I was able to connect with password after changed
PasswordAuthentication
to on insshd_config
and connecting likessh wslusername@yourwslhost
. Have you found the solution for the public key problem meanwhile?
-
Shervin Rad over 3 yearsI tried using root user as well so if its that then the root should not have a problem right?
-
vidarlo over 3 yearsRoot has a seperate home directory. The permissions are wrong for your user according to your question.
-
Shervin Rad over 3 yearsI did that but still get the same error :(
-
vidarlo over 3 yearsDo you see anything in the server logs?
-
Shervin Rad over 3 yearsI updated the post with the logs; are these the logs that are of interest?
-
Bengt Olsson over 3 yearsDoes the ~/.ssh directory have permissions 700?
-
Shervin Rad over 3 yearsyup,
drwx------ 2 shervleradvm shervleradvm 4096 Nov 25 14:28 .ssh
-
Keith over 2 yearsAlso, the server's user's home directory must be owned by that user.