OpenSSH + Putty = Server refused our key. Задолбало
Привет. Настраиваю openssh, авторизация по ключам. Генерю ключ в puttygen, кидаю на сервер в /etc/ssh/authorized_keys паблик-часть. Можно так же кидать в ~/.ssh/authorized_keys, но разницы я не заметил.
Фишка в том, что ключ принимается только тогда, когда я захожу под root. В остальных случаях плюётся, мол, сервер не принял ключ. Я уже в отчаянии. Перечитал кучу манов, статеек — всё бесполезно. Для рута работает, а для остальных — нет.
Все authorized_keys рассовывал правильно, в sshd_config прописывал пути (ну, либо у всех в ~, либо общий в /etc/ssh). Chown делал, chmod 700 на папку .ssh и 600 либо 640 на authorized_keys тоже. И так и сяк. Под рутом заходит (принимает ключ), а под другими логинами — нет.
Подскажите, куда копать? Вот конфиг sshd_config текущий: http://gist.github.com/1174417
Версия ssh: OpenSSH_5.5p1 Debian-6, OpenSSL 0.9.8o 01 Jun 2010 OS: Debian Squeeze 6.0.1
PuTTY Server Refused Our Key | How to Troubleshoot (Step-by-step Guide)
Here is a possible error message when you try to connect to the remote SSH server using Putty SSH Key: «server refused our key».
This is because you haven’t copied your public key to the remote server or haven’t done it properly.
Your public key should exist in the authorized_keys file of the user account you used to login to the remote server. The solution is to copy the public key from your Windows 10 PC to the user’s authorized_keys file.
Note that each user has their own authorized_keys file in the home directory. For example, If you log in as user root, you need to place the public key to the «/root/.ssh/authorized_keys».
To solve the «server refused our key» error, you can do the following steps:
Open PuTTYgen, Go to File > Load Private key and open your Private Key File.
Highlight the Public key that was created in the text box and copy it to the clipboard.
Next, Log in to the Linux server and change to the home directory with the cd command:
Then, create the .ssh folder and the .ssh/authorized_keys file (if it doesn’t already exist):
mkdir ~/.ssh touch ~/.ssh/authorized_keys
Open the authorized_keys file and paste the public key.
When you are finished, save the file exit the session.
To connect to the remote server. Open the PuTTY terminal and provide the IP address of the remote server. Then, Go to Connection > SSH > Auth and Load the private key after clicking on the Browse button.
SSH > Auth and Load the private key after clicking on the Browse button» width=»800″ height=»720″ />
Click on Open to establish SSH connection to the Linux server. You should be able to connect to the server without getting «Server refused our key» error.
Ошибка SSH Server refused our key Error
Захотел сделать себе вход по ключу в новой Ubuntu, вроде помню раньше делал работало без проблем. А теперь пришлось повозиться.
Сделал все по инструкции, но получаю ошибку — Server refused our key
Оказалось, SSH не хочет принимать ключи, которые генерирует Putty. Чтобы это исправить нужно добавить в файл конфигурации sshd_config
HostKeyAlgorithms +ssh-rsa PubkeyAcceptedAlgorithms +ssh-rsa
HostKeyAlgorithms +ssh-rsa PubkeyAcceptedAlgorithms +ssh-rsa
Рестартуем сервис service sshd reload
Trying to do ssh authentication with key files: server refused our key
I’m trying to setup ssh authentication with key files in stead of username/password. The client is a Windows box running PuTTY and the server is a Ubuntu 12.04 LTS server. I downloaded puttygen.exe and had it generate a key pair. In /etc/ssh/sshd_config I have this line:
AuthorizedKeysFile %h/.ssh/authorized_keys
and on my client’s public key file it says this:
---- BEGIN SSH2 PUBLIC KEY ---- Comment: "[email protected]" ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAr3Qo6T5XU06ZigGOd3eKvfBhFLhg5kWv8lz6 qJ2G9XCbexlPQGanPhh+vcPkhor6+7OmB+WSdHeNO652kTofnauTKcTCbHjsT7cJ GNrO8WVURRh4fabknUHPmauerWQZ6TgRPGaz0aucU+2C+DUo2SKVFDir1vb+4u83 [email protected] ---- END SSH2 PUBLIC KEY ----
I copied the part from «ssh-rsa AAA» to «[email protected]» and put that in the file ~/.ssh/authorized_keys on my server (in my own homefolder). In PuTTY under Connection > SSH > Auth I entered the path to the private key it generated on my client and saved the session settings. I restarted the ssh server with
sudo service ssh restart
Now if I load the profile in PuTTY (I verified the private key is still in Connection > SSH > Auth and that the path is correct) and run the profile, it says
Server refused our key
I tried putting the public key in a file under the directory ./ssh/authorized_keys/ but that didn’t help so I used ./ssh/authorized_keys as a file, pasting the key in it. I also tried generating a private/public key pair on the server, putting the public key in ./ssh/authorized_files and loading the private one in PuTTY on my client. Rebooting the server didn’t help either. I found that the error may be solved by putting the key in a place outside the user’s home folder but that’s only useful if the home folder is encrypted, which this one is not. Also tried generating a 4096 bit key, thinking perhaps 1024 was too short. How can I get this to work? Thanks!
EDIT:
Ok, /var/log/auth.log said:
sshd: Authentication refused: bad ownership or modes for directory /home/vorkbaard/.ssh
Google tells me ~/.ssh/ should be 700 and and ~/.ssh/authorized_keys should be 600, so I did that. Now /var/log/auth.log says:
sshd: error: key_read: uudecode AAAAB3N [etc etc etc until about 3/4 of my public key]