Why password authentication is not allowed?

authentication ssh passwords
12,770

Solution 1

The SSH client doesn't have a change to even try password authentication because all authentication attempts are used for your public keys.

Removed unused public keys, add something like

Host * PubkeyAuthentication=no

to ~/.ssh/config or actually use public key authentication by adding a public key to ~/.ssh/authorized_keys on the server side.

Solution 2

I am afraid you have too many keys available in your ~/.ssh.

ssh seems to try to use first every key available, but the target machine will only accept 5 authentication requests, so there is no chance to attempt a password authentication.

Move or remove some unused keys so that you have less than 5 keys in your "ssh-add -l".

Solution 3

I also found out that this error pops up when you don't have the same host name set up as the server reports itself, even though your account is valid and ssh public key's permissions are correctly set up.

So for e.g. you have overridden the hostname in your /etc/hosts locally, giving an alias which is different to what the actual hostname is of the remote SSH server. 

XX.XX.YY.YY   host.correct.domain   hostalias

If you are trying to ssh using the hostname as hostalias, the remote SSH server refuses public key authentication, because its hostname is host.correct.domain . This happens on OpenSSH v4.3 server version.

Hope this helps.

Share:
12,770
Mark Zhang
Author by

Mark Zhang

Updated on June 27, 2022

Comments

  • Mark Zhang
    Mark Zhang almost 2 years

    My ssh seems only accept public key authentication now. Even if I'm sure that "PasswordAuthentication" is yes in my /etc/ssh/ssh_config. Here is my ssh log. I wanna know why the password authentication is not allowed in my ssh? P.S: I can force ssh to use password authentication by adding "-o PubkeyAuthentication=no" in the command line.

    markz@markz-hp6200:~$ ssh -l lab 10.19.170.114 -v
OpenSSH_5.9p1 Debian-5ubuntu1, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /home/markz/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 10.19.170.114 [10.19.170.114] port 22.
debug1: Connection established.
debug1: identity file /home/markz/.ssh/id_rsa type -1
debug1: identity file /home/markz/.ssh/id_rsa-cert type -1
debug1: identity file /home/markz/.ssh/id_dsa type -1
debug1: identity file /home/markz/.ssh/id_dsa-cert type -1
debug1: identity file /home/markz/.ssh/id_ecdsa type -1
debug1: identity file /home/markz/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA d5:c0:00:1b:bf:54:56:a0:c6:68:6f:62:a4:1a:e3:e1
debug1: Host '10.19.170.114' is known and matches the ECDSA host key.
debug1: Found key in /home/markz/.ssh/known_hosts:10
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: markz@markz-hp6200
debug1: Authentications that can continue: publickey,password
debug1: Offering RSA public key: markz@markz-hp6200
debug1: Authentications that can continue: publickey,password
debug1: Offering RSA public key: markz@markz-hp6200
debug1: Authentications that can continue: publickey,password
debug1: Offering RSA public key: markz@markz-hp6200
debug1: Authentications that can continue: publickey,password
debug1: Offering RSA public key: markz@markz-desktop
debug1: Authentications that can continue: publickey,password
debug1: Offering RSA public key: markz@markz-desktop
Received disconnect from 10.19.170.114: 2: Too many authentication failures for lab

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

GitLab: I can't push or clone repo, asking for Git password
Autologin user after registration Wordpress
Login to PostgreSQL using md5 encrypted password and not plaintext password
How can I pass a password to the "su" command?
unable to connect to the aws ec2 instance,Host key verification failed
Curl fails on sftp password authentication
How to Force Postgresql User Login with Password
Public key authentication Permission denied (publickey)
google authenticator for certain users
Permission denied (publickey) Amazon Linux aws