I'm trying to log in to a particular user on my lightsail account via ssh but I get a permission denied (public key) error
Here are the steps I followed(I am on git bash on windows 8)
ssh into my lightsail account via the .pem key provided via aws
ssh -i <key.pem> ubuntu#<public_ip_address>
(I am now logged in to my lightsail server)
sudo adduser user1
sudo touch /etc/sudoers.d/user1
sudo nano /etc/sudoers.d/user1
** user1 ALL=(ALL:ALL) ALL**
su - user1
sudo mkdir .ssh
sudo touch .ssh/authorized_keys
I open Another shell prompt and do the following
-ssh-keygen
-cat <file_location_of_key>.pub
-copy the contents
paste the contents of the public key created on my local machine
via ssh-keygen
sudo chmod 700 .ssh
sudo chmod 600 .ssh/authorized_keys
sudo service ssh restart
exit
I exit from the lightsail account and try to ssh to the grader user
ssh -i <file_location_of_key> user1#<public_ip_address>
I get the error Permission denied (publickey).
Note: I havn't changed any port setting yet. I’m still trying to connect it to my default port 22
#RickBaker #helloV Thanks for your help. Realised the file was still owned by root. Had to change to ownership of the file to user1. ssh works fine now
Related
Server provider offered me an option to create ssh connection. I applied pub key generated with putty and I can enter it as a root.
First thing I did was to create a new user with sudo rights.
I opened /etc/ssh/sshd_config and inserted:
AllowUsers my_user
from /root/.ssh/authorized_keys I copy to /home/my_user/.ssh/authorized_keys
I apply
systemctl restart ssh
I try to enter again via putty.
login as: new_user
I get error: server refused our key ... What could be a problem?
could be a permission issue. set keys permission first
chown -R my_user:my_user /home/my_user/.ssh
chmod 700 /home/my_user/.ssh
chmod 600 /home/my_user/.ssh/authorized_keys
I am trying to transfer files to my Google cloud hosted Linux (Debian) instance via secure copy (scp). I did exactly what the documentation told to connect from a local machine to the instance. https://cloud.google.com/compute/docs/instances/connecting-to-instance.
Created a SSH keygen
Added the keygen to my instance
I can login successfully by:
ssh -i ~/.ssh/my-keygen [USERNAME]#[IP]
But when I want to copy files to the instance I get a message "permission denied".
scp -r -i ~/.ssh/my-keygen /path/to/directory/ [USERNAME]#[IP]:/var/www/html/
It looks like the user with which I login has no permissions to write files, so I already tried to change the file permissions of /var/www/, but this still gives the permission denied message.
I also tried to add the user to the root group, but this still gives the same problem.
usermod -G root myuser
The command line should be
scp -r -i ~/.ssh/my-keygen /path/to/directory/ [USERNAME]#[IP]:/var/www/html/
Assuming your files are in the local /path/to/directory/ and the /var/www/html/ is on the remote server.
The permissions does not allow to write in the /var/www/html/. Writing to /tmp/ should work. Then you can copy the files with sudo to the desired destination with root privileges.
If SSH isn't working, install gcloud CLI and run the following locally: gcloud compute scp --recurse /path/to/directory [IP] --tunnel-through-iap. This will dump the directory into your /home/[USERNAME]/ folder. Then log into the console and use sudo to move the directory to /var/www/html/.
For documentation, see https://cloud.google.com/sdk/gcloud/reference/compute/scp.
On my Windows 10, I am running into the problem of not being able to connect to m Vagrant virtual machine via ssh user with public key authentication method at git bash using command such as
$ ssh -v lauser#127.0.0.1 -p 2222 -i ~/.ssh/id_rsa
I would be prompted for password, as if the public key I copied to in the ~/.ssh/Authorized_keys file inside the vm were not seen. Meanwhile,the password authentication method works, as well as 'vagrant ssh'.
I have made sure to
create key pairs locally, create a .ssh directory at the remote, and add pub key string to the remote's .ssh /authorized_keys file; both the .ssh and the .ssh /authorized_keys file are owned by the user(lauser), and set at 700 and 644
edit the /etc/ssh/sshd_config file on vm to use
RSAAuthentication yes
PubkeyAuthentication yes
and restarted the sshd server (with 'sudo service ssh restart').
verify that firewall has been disabled temporarily to eliminate any complication.
verify that there is only one vm running, all others are either in 'suspend' or 'halt' mode.
confirm the file type by 'file ~/.ssh/authorized_keys', and get confirmation '~/.ssh/authorized_keys: OpenSSH RSA public key'
verify that the keys match by comparing the output from 'sudo cat ~/.ssh/authorized_keys' in vm and the output from ' cat ~/.ssh/id_rsa.pub' at the local.
but still I get Permission denied (publickey) when trying to connect through public key authentication.
It sounds like you've done everything correctly so far. When I run in to this problem, it's usually due to directory permissions on the target user's home directory (~), ~/.ssh or ~/.ssh/authorized_keys.
See this answer on SuperUser.
I faced same challenges when the home directory on the remote did not have correct privileges. Changing permissions from 777 to 744 helped me
I have created passwordless ssh for localhost. I test it and work fine.Now when I create a new user with following command
sudo useradd -d /home/testuser -m -g impadmin impadmin_test
then after if I tri ssh localhost
then it asks for password. can anybody help me what may be the reason behind this.
The issue arrise because when add a user in the same group then it decreases the permissions of .ssh folder and its child files, so after adding new user just increase the permission of .ssh folder by
sudo chmod -R 700 .ssh
Then ssh localhost will work fine
Using 'Execute shell script on remote host using ssh' option and need sudo rights on remote server to change permissions and remove protected files.
How to run session with this rights?
Getting message
sudo: sorry, you must have a tty to run sudo
when trying to run sudo command.
To run sudo remotely you have 2 options
Allow the user to run sudo commands without a password.
Append username ALL=(ALL) NOPASSWD: ALL the /etc/sudoers file with sudo visudo. Alternatively you can modify this line to only allow certain sudo commands to be run without a password
Use the pseudo-tty to emulate tty remotely and enter your sudo password when requsted.
To do this run ssh -t username#host command_to_execute
If the remote server accepts the direct login of the root user you can simply do:
ssh -l root yourserver command_to_execute
Similar syntax is:
ssh root#yourserver command_to_execute
Mind that allowing the login of the root user via ssh to a remote server isn't always a good solution.
A better solution would be change the owner / permissions to allow a non-root user to modify the protected files.