ssh - Why isn't it trying my private key?
20,866
Your ssh client is definitely presenting your RSA key to the remote ssh:
debug1: Offering RSA public key: /home/martin/.ssh/id_rsa
debug1: Authentications that can continue: publickey
But for some reason the remote server declines it. The reason can be determining by reviewing it's logs, regardless of what you think about it.
Related videos on Youtube
Author by
Martin
Updated on September 18, 2022Comments
-
Martin over 1 year
I'm trying to connect to a remote SSH server using a private key at
~/.ssh/id_rsa
. When Issh -v
to the server I get the following:... debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Offering RSA public key: /home/martin/.ssh/id_rsa debug1: Authentications that can continue: publickey debug1: Offering RSA public key: martin@martin debug1: Authentications that can continue: publickey debug1: Trying private key: /home/martin/.ssh/id_dsa debug1: Trying private key: /home/martin/.ssh/id_ecdsa debug1: Trying private key: /home/martin/.ssh/id_ed25519 debug1: No more authentication methods to try. Permission denied (publickey).
Looking at the output, it seems like it's not even trying my private key. I've tried editing ~/.ssh/config, using the
-i
option, adding the key viassh-add
, and nothing's working.I'm positive that the public key is properly installed at the remote server. Anyone can help me?
Edit:
martin@martin:~/.ssh$ ls -la total 20 drwx------ 2 martin martin 4096 feb 26 09:44 . drwxr-xr-x 41 martin martin 4096 feb 26 09:37 .. -rw------- 1 martin martin 1766 feb 25 16:31 id_rsa -rw-r--r-- 1 martin martin 409 feb 25 16:31 id_rsa.pub -rw-r--r-- 1 martin martin 540 feb 26 09:46 known_hosts
-
Admin over 8 yearsIf your key is
id_rsa
, it is being offered; see "debug1: Offering RSA public key: /home/martin/.ssh/id_rsa". -
Admin over 8 yearsThen the output is confusing.
id_rsa
is my private key, while the output says it's public. Anyway, why isn't it working? -
Admin over 8 yearsNot very confusing, no. And we can't tell why it's not working from the information presented here. As drookie says, you'll need to check the logs on the server side; the client is not told why a key is refused, because that would violate security.
-
Admin over 8 yearsIf you call the private key file "public", then yes, it is confusing. Especially when it later lists the other files as "private keys".
-
Admin over 8 years@Martin, can it be that you have copied the wrong key to the remote server or file permission is wrong? Check it again and make sure you have copied the public key to the remote server, in authorized_keys file, and file permission and ownership are correct.
-
Admin over 8 yearsThose of us who are used to dealing with openssh are used to its little idiosyncracies. In any case, this question is founded on a mistake; you may wish to accept drookie's answer and move onto investigating why the remote server won't honour your keypair. That is a good question - and there are a number like it on SF already - but it isn't this question.
-
Admin over 8 yearsClose it if you want to, as long as it's not deleted. Given that the output is misleading, there are probably more people who'll make the same assumption I made.
-
Admin over 8 years@Martin fair enough, but you should have the gumption to accept drookie's correct answer: that your assumption was wrong.
-
-
Martin over 8 yearsThanks for the answer. As I said in my previous comment, the output is definitely confusing.
id_rsa
is my private key; my public key isid_rsa.pub
. -
drookie over 8 yearsThese are two parts of one key: one is used for encryption, and one for decryption. Private part is never presented to anyone: it is kept safe. So you simply are misinterpreting the output.
-
Martin over 8 yearsYes, but they're stored in different files. The output should point to
id_rsa.pub.