SSH Connection to GitHub on a remote server - linux

I'm trying to clone on of my repo GitHub with SSH on my remote server Debian.
In local i have keys id_ed25519.pub and id_ed25519.
I have done an
sh-copy-id -i ~/.ssh/id_ed25519.pub user#host
Checked on remote server and my pubkey is inside authorized_keys.
My pubkey is on my GitHub account too.
On my remote server my sshd_config has :
AuthorizedKeysFile ~/.ssh/authorized_keys
and
PubkeyAuthentication yes
and
PasswordAuthentication no
When doing an ssh -vT git#github.com :
OpenSSH_7.9p1 Debian-10+deb10u2, OpenSSL 1.1.1d 10 Sep 2019
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to github.com [...] port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: identity file /root/.ssh/id_xmss type -1
debug1: identity file /root/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2
debug1: Remote protocol version 2.0, remote software version babeld-78794f53
debug1: no match: babeld-78794f53
debug1: Authenticating to github.com:22 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: rsa-sha2-512
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:.......
debug1: Host 'github.com' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: Will attempt key: /root/.ssh/id_rsa
debug1: Will attempt key: /root/.ssh/id_dsa
debug1: Will attempt key: /root/.ssh/id_ecdsa
debug1: Will attempt key: /root/.ssh/id_ed25519
debug1: Will attempt key: /root/.ssh/id_xmss
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: Trying private key: /root/.ssh/id_ed25519
debug1: Trying private key: /root/.ssh/id_xmss
debug1: No more authentication methods to try.
git#github.com: Permission denied (publickey).

Your remote server doesn't know your private key.
Normally you don't want to copy the private key to a remote server.
But while connecting from your local machine to the remote server, you can use the agent forwarding with
ssh myuser#remoteserver -A
This allows the remote server to use your private key, but without access to the key itself.
Or you can add ForwardAgent yes into your ~/.ssh/config file

Related

Github cannot connect using ssh

I am setting up my SSH keys with github. Did it numerous times earlier so i am pretty much sure that i am doing it right. But its not working. whenever i clone it just gets stuck there for around 5-10 mins and then returns this
Cloning into 'sentry-python'...
Connection to github.com closed by remote host.
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Ran this command to check what's going on ssh -vT git#github.com. One of the many lines in output has this
Authenticated to github.com ([13.234.176.102]:22) using "publickey".
Followed official documentation for setting up keys. I believe its something else.
UPDATE:
HTTPs works fine
Output from: ssh -vT git#github.com
OpenSSH_8.9p1 Ubuntu-3, OpenSSL 3.0.2 15 Mar 2022
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to github.com [13.234.176.102] port 22.
debug1: Connection established.
debug1: identity file /home/user/.ssh/id_rsa type 0
debug1: identity file /home/user/.ssh/id_rsa-cert type -1
debug1: identity file /home/user/.ssh/id_ecdsa type -1
debug1: identity file /home/user/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/user/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/user/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/user/.ssh/id_ed25519 type -1
debug1: identity file /home/user/.ssh/id_ed25519-cert type -1
debug1: identity file /home/user/.ssh/id_ed25519_sk type -1
debug1: identity file /home/user/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/user/.ssh/id_xmss type -1
debug1: identity file /home/user/.ssh/id_xmss-cert type -1
debug1: identity file /home/user/.ssh/id_dsa type -1
debug1: identity file /home/user/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Ubuntu-3
debug1: Remote protocol version 2.0, remote software version babeld-92f10f70
debug1: compat_banner: no match: babeld-92f10f70
debug1: Authenticating to github.com:22 as 'git'
debug1: load_hostkeys: fopen /home/user/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: <SERVER HOST KEY HERE>
debug1: load_hostkeys: fopen /home/user/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host 'github.com' is known and matches the ED25519 host key.
debug1: Found key in /home/user/.ssh/known_hosts:1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: get_agent_identities: bound agent to hostkey
debug1: get_agent_identities: agent returned 1 keys
debug1: Will attempt key: /home/user/.ssh/id_rsa RSA <KEY HERE> agent
debug1: Will attempt key: /home/user/.ssh/id_ecdsa
debug1: Will attempt key: /home/user/.ssh/id_ecdsa_sk
debug1: Will attempt key: /home/user/.ssh/id_ed25519
debug1: Will attempt key: /home/user/.ssh/id_ed25519_sk
debug1: Will attempt key: /home/user/.ssh/id_xmss
debug1: Will attempt key: /home/user/.ssh/id_dsa
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519-cert-v01#openssh.com,ecdsa-sha2-nistp521-cert-v01#openssh.com,ecdsa-sha2-nistp384-cert-v01#openssh.com,ecdsa-sha2-nistp256-cert-v01#openssh.com,sk-ssh-ed25519-cert-v01#openssh.com,sk-ecdsa-sha2-nistp256-cert-v01#openssh.com,rsa-sha2-512-cert-v01#openssh.com,rsa-sha2-256-cert-v01#openssh.com,ssh-rsa-cert-v01#openssh.com,sk-ssh-ed25519#openssh.com,sk-ecdsa-sha2-nistp256#openssh.com,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/user/.ssh/id_rsa RSA <KEY HERE> agent
debug1: Server accepts key: /home/user/.ssh/id_rsa RSA <KEY HERE> agent
Authenticated to github.com ([13.234.176.102]:22) using "publickey".
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: pledge: filesystem
debug1: client_input_global_request: rtype hostkeys-00#openssh.com want_reply 0
debug1: client_input_hostkeys: searching /home/user/.ssh/known_hosts for github.com / (none)
debug1: client_input_hostkeys: searching /home/user/.ssh/known_hosts2 for github.com / (none)
debug1: client_input_hostkeys: hostkeys file /home/user/.ssh/known_hosts2 does not exist
debug1: client_input_hostkeys: no new or deprecated keys from server
debug1: Sending environment.
debug1: channel 0: setting env LANG = "en_IN"
Okay. So earlier logs where till LANG = "en_IN". Now after altering some permission of my keys here's the updated log.
OpenSSH_8.9p1 Ubuntu-3, OpenSSL 3.0.2 15 Mar 2022
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to github.com [13.234.210.38] port 22.
debug1: Connection established.
debug1: identity file /home/user/.ssh/id_rsa type 0
debug1: identity file /home/user/.ssh/id_rsa-cert type -1
debug1: identity file /home/user/.ssh/id_ecdsa type -1
debug1: identity file /home/user/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/user/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/user/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/user/.ssh/id_ed25519 type -1
debug1: identity file /home/user/.ssh/id_ed25519-cert type -1
debug1: identity file /home/user/.ssh/id_ed25519_sk type -1
debug1: identity file /home/user/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/user/.ssh/id_xmss type -1
debug1: identity file /home/user/.ssh/id_xmss-cert type -1
debug1: identity file /home/user/.ssh/id_dsa type -1
debug1: identity file /home/user/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Ubuntu-3
debug1: Remote protocol version 2.0, remote software version babeld-92f10f70
debug1: compat_banner: no match: babeld-92f10f70
debug1: Authenticating to github.com:22 as 'git'
debug1: load_hostkeys: fopen /home/user/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: <SERVER HOST KEY>
debug1: load_hostkeys: fopen /home/user/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host 'github.com' is known and matches the ED25519 host key.
debug1: Found key in /home/user/.ssh/known_hosts:1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: get_agent_identities: bound agent to hostkey
debug1: get_agent_identities: agent returned 1 keys
debug1: Will attempt key: /home/user/.ssh/id_rsa <KEY HERE> agent
debug1: Will attempt key: /home/user/.ssh/id_ecdsa
debug1: Will attempt key: /home/user/.ssh/id_ecdsa_sk
debug1: Will attempt key: /home/user/.ssh/id_ed25519
debug1: Will attempt key: /home/user/.ssh/id_ed25519_sk
debug1: Will attempt key: /home/user/.ssh/id_xmss
debug1: Will attempt key: /home/user/.ssh/id_dsa
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519-cert-v01#openssh.com,ecdsa-sha2-nistp521-cert-v01#openssh.com,ecdsa-sha2-nistp384-cert-v01#openssh.com,ecdsa-sha2-nistp256-cert-v01#openssh.com,sk-ssh-ed25519-cert-v01#openssh.com,sk-ecdsa-sha2-nistp256-cert-v01#openssh.com,rsa-sha2-512-cert-v01#openssh.com,rsa-sha2-256-cert-v01#openssh.com,ssh-rsa-cert-v01#openssh.com,sk-ssh-ed25519#openssh.com,sk-ecdsa-sha2-nistp256#openssh.com,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/user/.ssh/id_rsa RSA <KEY HERE> agent
debug1: Server accepts key: /home/user/.ssh/id_rsa RSA <KEY HERE> agent
Authenticated to github.com ([13.234.210.38]:22) using "publickey".
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: pledge: filesystem
debug1: client_input_global_request: rtype hostkeys-00#openssh.com want_reply 0
debug1: client_input_hostkeys: searching /home/user/.ssh/known_hosts for github.com / (none)
debug1: client_input_hostkeys: searching /home/user/.ssh/known_hosts2 for github.com / (none)
debug1: client_input_hostkeys: hostkeys file /home/user/.ssh/known_hosts2 does not exist
debug1: client_input_hostkeys: no new or deprecated keys from server
debug1: Sending environment.
debug1: channel 0: setting env LANG = "en_IN"
PTY allocation request failed on channel 0
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
Hi targhs! You've successfully authenticated, but GitHub does not provide shell access.
debug1: channel 0: free: client-session, nchannels 1
Connection to github.com closed.
Transferred: sent 3888, received 2812 bytes, in 0.6 seconds
Bytes per second: sent 6234.8, received 4509.3
debug1: Exit status 1
TL;DR link to what might as well be a duplicate here.
Explanation (long-ish)
You have something new in your edit: agent refused operation. That's the problem here. You are using an ssh agent, and it's the agent that must pass the private key (of the public/private key-pair) to ssh so that your ssh can decrypt the challenge that GitHub have sent to your ssh.
The way ssh authentication works (boiled down a bit) is this:
Your ssh client (ssh command) opens a channel to the host (in this case GitHub).
Your client tells them you'd like to log in as some user name (in this case git: GitHub always requires this as a constant).
Their ssh server then says: I might let you in, provided you prove to me that you have permission. Send me a public key.
Your client then pokes around to look for a public key to send. It finds one and sends it.
Their server checks to see if that ssh key is a valid key. It is; it's registered to you. But maybe you're not targhs. Maybe you've snagged the public key from the real targhs, and this connection is from an imposter! So they want to make sure you're really targhs. They use the public key to encrypt a random value, and send you—or rather, your client ssh—the value, challenging you to decrypt it.
Your client now requires the private key.
It's pretty common to have both public and private keys stored in a file on your computer (e.g., on your laptop). When this is the case, your ssh client can just open and read the private key file, giving it access to that private key. For security purposes, though, you can do one or both of these two things:
Not supply the private key at all. Keep it only in an agent.
Keep the private key in an encrypted file, so that a decryption key—separate from the public and private key—is required to read the private key.
If you've done either or both of these, your ssh client now needs help.
To get that help, your ssh client can:
interact directly with you, the user, via the keyboard: this may or may not be permitted; or
consult an ssh agent.
The ssh agent enables ssh clients to interact with you, the user, and provide the (secret) private key, even if it's not on the computer on which you're running ssh, or if it's just encrypted, or whatever. To do that, the ssh client asks the ssh agent for the key.
Your ssh agent says: Nuh-uh, not gonna give you the key!
Why does your ssh agent say that? That's the mystery here; that's what you have to figure out. There are multiple possible reasons. Fortunately, they're all pretty well covered in a separate StackOverflow question and answers: see How to solve "sign_and_send_pubkey: signing failed: agent refused operation"?

why ssh always ask me for passwords even I have set the public key in VPS?

I just order a VPS in Vultr, and want set to ssh without passwords. after configured the ssh key things, I think it should be work, but failed.
yes, I have multiple ssh configures like github, gitlab or some other things and this is the configure file
Host gitlab
HostName cd.i.foo.com
IdentityFile ~/.ssh/id_rsa
Host github
HostName github.com
IdentityFile ~/.ssh/id_rsa_gayhub
Host vultr
HostName 198.13.59.103
Port 22
User root
IdentityFile ~/.ssh/id_rsa_vultr
but when I try with specified path ssh root#198.13.59.103 -i ~/.ssh/id_rsa_vultr, it can work!!!
below is some more log with ssh -v -v root#198.13.59.103
OpenSSH_7.6p1, LibreSSL 2.6.2
debug1: Reading configuration data /Users/xdguo/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug1: Connecting to 198.13.59.103 port 22.
debug1: Connection established.
debug1: identity file /Users/xdguo/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /Users/xdguo/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/xdguo/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/xdguo/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/xdguo/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/xdguo/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/xdguo/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/xdguo/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 Ubuntu-4ubuntu2.2
debug1: match: OpenSSH_7.2p2 Ubuntu-4ubuntu2.2 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 198.13.59.103:22 as 'root'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256#libssh.org
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:s8qKj8CKXc6tp7zmVV32hiqHvdrxk46JVJQlQfpOQ0Q
debug1: Host '198.13.59.103' is known and matches the ECDSA host key.
debug1: Found key in /Users/xdguo/.ssh/known_hosts:40
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:LBGwqZmXcUwd6kqIuDAxIj+jbPBeLbU1uwrxN1mQRKQ /Users/xdguo/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /Users/xdguo/.ssh/id_dsa
debug1: Trying private key: /Users/xdguo/.ssh/id_ecdsa
debug1: Trying private key: /Users/xdguo/.ssh/id_ed25519
debug1: Next authentication method: password
root#198.13.59.103's password:
I think I spend lots of time here, it really maked me confused, thanks in advance for any help
ssh -v -v root#198.13.59.103 would not work, as it would default to id_rsa.
You need to test:
ssh -Tvv vultr
Only that "URL" (vultr) would be the equivalent of ssh root#198.13.59.103 -i ~/.ssh/id_rsa_vultr: it would find everything it needs in your ~/.ssh/config, under the Host vultr entry.
Doesn't look like it accepts an RSA-signed key.
Look at these lines:
debug1: Trying private key: /Users/xdguo/.ssh/id_dsa
debug1: Trying private key: /Users/xdguo/.ssh/id_ecdsa
debug1: Trying private key: /Users/xdguo/.ssh/id_ed25519
It's looking for a private key signed with DSA instead.
Try again and create a private-public pair signed with DSA instead. (No need to remove your other private key; you can have as many as you want of as many different types as you want on your machine.)

unable to scp file from ubuntu to Amazon EC2

I am running a sch command and getting the following error, can anyone tell me what is that?
xxxxxxxxx#ubuntu:~/Downloads$ sudo scp -v "word_count.jar" ubuntu#54.68.0.10:/usr/
Executing: program /usr/bin/ssh host 54.68.0.10, user ubuntu, command scp -v -t /usr/
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 54.68.0.10 [54.68.0.10] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 pat OpenSSH_6.6.1* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5-etm#openssh.com none
debug1: kex: client->server aes128-ctr hmac-md5-etm#openssh.com none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA e3:5f:e0:7e:be:e4:ca:bd:a3:51:de:12:11:a9:e0:22
debug1: Host '54.68.0.10' is known and matches the ECDSA host key.
debug1: Found key in /root/.ssh/known_hosts:2
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: Trying private key: /root/.ssh/id_ed25519
debug1: No more authentication methods to try.
Permission denied (publickey).
lost connection
I am basically trying to send a file to a Amazon EC2 machine that runs Ubuntu from my local machine.
In most cases, EC2 nodes are configured to require key authentication using an identity file.
That is why your debug output ends with:
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: Trying private key: /root/.ssh/id_ed25519
debug1: No more authentication methods to try.
Permission denied (publickey).
Locate the identity file and then issue your scp command as:
scp -vi identity_file.pem word_count.jar ubuntu#54.68.0.10:/usr/

Permission denied (publickey) ssh

I am attempting to ssh into a a EC2 machine and ssh has stopped working. I'm not sure how I broke it but it is now unable to connect. I already tried creating a new key but it is not helping.
$ ssh -vT ****#****.****-2.compute.amazonaws.com
OpenSSH_6.6.1, OpenSSL 1.0.1i 6 Aug 2014
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to ec2-****.****-2.compute.amazonaws.com [****] port 22.
debug1: Connection established.
debug1: identity file /home/Brad/.ssh/id_rsa type 1
debug1: identity file /home/Brad/.ssh/id_rsa-cert type -1
debug1: identity file /home/Brad/.ssh/id_dsa type -1
debug1: identity file /home/Brad/.ssh/id_dsa-cert type -1
debug1: identity file /home/Brad/.ssh/id_ecdsa type -1
debug1: identity file /home/Brad/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/Brad/.ssh/id_ed25519 type -1
debug1: identity file /home/Brad/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.2
debug1: match: OpenSSH_6.2 pat OpenSSH* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5-etm#openssh.com none
debug1: kex: client->server aes128-ctr hmac-md5-etm#openssh.com none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA ****
debug1: Host '****.****-2.compute.amazonaws.com' is known and matches the ECDSA host key.
debug1: Found key in /home/Brad/.ssh/known_hosts:1
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/Brad/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /home/Brad/.ssh/id_dsa
debug1: Trying private key: /home/Brad/.ssh/id_ecdsa
debug1: Trying private key: /home/Brad/.ssh/id_ed25519
debug1: No more authentication methods to try.
Permission denied (publickey).
I have replaced all of the personal info with *.
Thank you
Nowhere in your command you are referring the ssh private key. Try running command as below:
ssh -i <path_to_the_private_key> ubuntu#<EC2_Hostname>
In above command, note that I have used the username as ubuntu. Depending on which AMI you are using, you should change the username which corresponds to that AMI.

Remove publickey from ssh login

I'm trying to connect to an embedded board of mine through ssh. But upon trying to connect through ssh -v -l root user#xx.xx.xx.xx, I get a series of debug comments:
dico#lithya:~$ sudo ssh -v -l root dico#foxboard2
OpenSSH_5.9p1 Debian-5ubuntu1, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 22: Applying options for *
debug1: Connecting to foxboard2 [10.251.145.180] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.5p1 Debian-6
debug1: match: OpenSSH_5.5p1 Debian-6 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 18:14:33:1e:88:5f:ad:13:78:9f:36:10:b9:d2:27:e4
debug1: Host 'foxboard2' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: No more authentication methods to try.
Permission denied (publickey,password).
The connection is being established through port 22 so that isn't the problem. So, clearly there is a problem with public/private key authentication. Therefore, how can I make sure that the private/public keys through both my machine and the board are in sync? Or better yet, how do I solve this issue or completely remove any keys?
UPDATE
I've tried to connect to the board by specifying no public key authentication by ssh -o PubkeyAuthentication=no dico#foxboard2, but now it's asking me for a password. I've checked the site but the password I type is incorrect. How can I remove a password request?
You can copy your public key to the server using:
ssh-copy-id user#xx.xx.xx.xx
It is always better to use keys than passwords.
Make sure your ~/.ssh directory is set to mode 700 (chmod 700 ~/.ssh) and your ~/.ssh/authorized_keys is set to mode 600 (chmod 600 ~/.ssh/authorized_keys).
In your /etc/ssh/sshd_config file set PasswordAuthentication no to turn off password logins.

Resources