ssh-copy-id succeeded, but still prompt password input
Clash Royale CLAN TAG#URR8PPP
up vote
1
down vote
favorite
- I have
ssh-copy-id root@c199
succeeded before. - I can login by
ssh root@c199
without password prompt - I want to auto login by another user
ufo
(remote machine has this user) ssh-copy-id ufo@c199
ask me enter password,/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
ufo@c199's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'ufo@c199'"
and check to make sure that only the key(s) you wanted were added.But login by
ssh ufo@c199
still prompt password input .
I try to login remote centos on msys2(on Windows) by ssh , I found there are many same lines like
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCs7RTfvn83Rxdmvgfh+F4kUlM5FzIUb9rRHaqq11xKIW1gztn/+G4tr+OWl4o6GTW2Z361hIi
ugy8DPtMATN66nTTDUYO0sSvw2BrQfDY4iIENdLpkkHO8KQVGpQE+8tDkaZfD6EQLVtl0uvDE3D77tfcnBLODXgZPQsUSlssMi+pxDbSVjjKgrP
hM1G/L9OTrEHKWDhF+ZBgY1RuLl7ZEdoATbhJaK4FFb9hNn/2CSibVfLts8HJGYQXIQRX/RBzaDZp47sKZvq302ewkkVorNY+c9mmoze6mi8Ip2
zEQOMi6S9zM/yRiD0XZrbmzYfNkoXA03WTmMR/DynVvX2nV /c/Users/xxxx/.ssh/id_rsa
in centos's /home/ufo/.ssh/authorized_keys
,
I have changed .ssh user's folder permissions to 700 and authorized_keys file to 644 .
Same ssh key, ssh root@c199
promptless login , but ssh ufo@c199
prompt password input ..
UPDATE
ssh ufo@c199 -vv
output:
....
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:zmCg5vHhBAMd5P4ei82+KsVg072KXbC63C44P0w3zbU
debug1: Host 'c199' is known and matches the ECDSA host key.
debug1: Found key in /c/Users/xxxxx/.ssh/known_hosts:35
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: key: /c/Users/xxxxx/.ssh/id_rsa (0x60006bec0), agent
debug2: key: /c/Users/xxxxx/.ssh/id_dsa (0x0)
debug2: key: /c/Users/xxxxx/.ssh/id_ecdsa (0x0)
debug2: key: /c/Users/xxxxx/.ssh/id_ed25519 (0x0)
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/xxxxx/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_dsa
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_ecdsa
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_ed25519
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
ssh password authentication sshd
 |Â
show 9 more comments
up vote
1
down vote
favorite
- I have
ssh-copy-id root@c199
succeeded before. - I can login by
ssh root@c199
without password prompt - I want to auto login by another user
ufo
(remote machine has this user) ssh-copy-id ufo@c199
ask me enter password,/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
ufo@c199's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'ufo@c199'"
and check to make sure that only the key(s) you wanted were added.But login by
ssh ufo@c199
still prompt password input .
I try to login remote centos on msys2(on Windows) by ssh , I found there are many same lines like
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCs7RTfvn83Rxdmvgfh+F4kUlM5FzIUb9rRHaqq11xKIW1gztn/+G4tr+OWl4o6GTW2Z361hIi
ugy8DPtMATN66nTTDUYO0sSvw2BrQfDY4iIENdLpkkHO8KQVGpQE+8tDkaZfD6EQLVtl0uvDE3D77tfcnBLODXgZPQsUSlssMi+pxDbSVjjKgrP
hM1G/L9OTrEHKWDhF+ZBgY1RuLl7ZEdoATbhJaK4FFb9hNn/2CSibVfLts8HJGYQXIQRX/RBzaDZp47sKZvq302ewkkVorNY+c9mmoze6mi8Ip2
zEQOMi6S9zM/yRiD0XZrbmzYfNkoXA03WTmMR/DynVvX2nV /c/Users/xxxx/.ssh/id_rsa
in centos's /home/ufo/.ssh/authorized_keys
,
I have changed .ssh user's folder permissions to 700 and authorized_keys file to 644 .
Same ssh key, ssh root@c199
promptless login , but ssh ufo@c199
prompt password input ..
UPDATE
ssh ufo@c199 -vv
output:
....
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:zmCg5vHhBAMd5P4ei82+KsVg072KXbC63C44P0w3zbU
debug1: Host 'c199' is known and matches the ECDSA host key.
debug1: Found key in /c/Users/xxxxx/.ssh/known_hosts:35
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: key: /c/Users/xxxxx/.ssh/id_rsa (0x60006bec0), agent
debug2: key: /c/Users/xxxxx/.ssh/id_dsa (0x0)
debug2: key: /c/Users/xxxxx/.ssh/id_ecdsa (0x0)
debug2: key: /c/Users/xxxxx/.ssh/id_ed25519 (0x0)
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/xxxxx/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_dsa
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_ecdsa
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_ed25519
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
ssh password authentication sshd
2
Step 5 is you logging in withssh
but you show messages coming fromssh-copy-id
...what?
â B Layer
Nov 28 '17 at 1:35
You need to login into the machine using the new command like the prompt displayed: "Now try logging into the machine, with: "ssh 'ufo@c199'"" So try doingssh ufo@c199
and see if that prompts you for your password. If you continue to have issues, you'll need to run sshd in debug mode using/usr/sbin/sshd -d
on the target machine and try to connect, then update your post with the debug output.
â Patrick
Nov 28 '17 at 1:41
@B Layer Sorry, a copy miss .. @Patrick But I don't want to see the prompt , I need auto login without prompt .That's whatssh-copy-id
use for , right ?
â Mithril
Nov 28 '17 at 1:53
@Mithril, you are setting up promptless login withssh-copy-id
, you still need to usessh ufo@c199
to make the actual connection to the target. If keys are set up correctly you will get a "promptless login" and be dropped straight into a shell after the SSH command.
â Patrick
Nov 28 '17 at 1:55
1
If they are all 777, you need to adjust them to the values I stated above using thechmod
command. E.g.chmod 644 ~/.ssh/authorized_keys
â Patrick
Nov 28 '17 at 2:11
 |Â
show 9 more comments
up vote
1
down vote
favorite
up vote
1
down vote
favorite
- I have
ssh-copy-id root@c199
succeeded before. - I can login by
ssh root@c199
without password prompt - I want to auto login by another user
ufo
(remote machine has this user) ssh-copy-id ufo@c199
ask me enter password,/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
ufo@c199's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'ufo@c199'"
and check to make sure that only the key(s) you wanted were added.But login by
ssh ufo@c199
still prompt password input .
I try to login remote centos on msys2(on Windows) by ssh , I found there are many same lines like
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCs7RTfvn83Rxdmvgfh+F4kUlM5FzIUb9rRHaqq11xKIW1gztn/+G4tr+OWl4o6GTW2Z361hIi
ugy8DPtMATN66nTTDUYO0sSvw2BrQfDY4iIENdLpkkHO8KQVGpQE+8tDkaZfD6EQLVtl0uvDE3D77tfcnBLODXgZPQsUSlssMi+pxDbSVjjKgrP
hM1G/L9OTrEHKWDhF+ZBgY1RuLl7ZEdoATbhJaK4FFb9hNn/2CSibVfLts8HJGYQXIQRX/RBzaDZp47sKZvq302ewkkVorNY+c9mmoze6mi8Ip2
zEQOMi6S9zM/yRiD0XZrbmzYfNkoXA03WTmMR/DynVvX2nV /c/Users/xxxx/.ssh/id_rsa
in centos's /home/ufo/.ssh/authorized_keys
,
I have changed .ssh user's folder permissions to 700 and authorized_keys file to 644 .
Same ssh key, ssh root@c199
promptless login , but ssh ufo@c199
prompt password input ..
UPDATE
ssh ufo@c199 -vv
output:
....
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:zmCg5vHhBAMd5P4ei82+KsVg072KXbC63C44P0w3zbU
debug1: Host 'c199' is known and matches the ECDSA host key.
debug1: Found key in /c/Users/xxxxx/.ssh/known_hosts:35
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: key: /c/Users/xxxxx/.ssh/id_rsa (0x60006bec0), agent
debug2: key: /c/Users/xxxxx/.ssh/id_dsa (0x0)
debug2: key: /c/Users/xxxxx/.ssh/id_ecdsa (0x0)
debug2: key: /c/Users/xxxxx/.ssh/id_ed25519 (0x0)
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/xxxxx/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_dsa
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_ecdsa
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_ed25519
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
ssh password authentication sshd
- I have
ssh-copy-id root@c199
succeeded before. - I can login by
ssh root@c199
without password prompt - I want to auto login by another user
ufo
(remote machine has this user) ssh-copy-id ufo@c199
ask me enter password,/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
ufo@c199's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'ufo@c199'"
and check to make sure that only the key(s) you wanted were added.But login by
ssh ufo@c199
still prompt password input .
I try to login remote centos on msys2(on Windows) by ssh , I found there are many same lines like
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCs7RTfvn83Rxdmvgfh+F4kUlM5FzIUb9rRHaqq11xKIW1gztn/+G4tr+OWl4o6GTW2Z361hIi
ugy8DPtMATN66nTTDUYO0sSvw2BrQfDY4iIENdLpkkHO8KQVGpQE+8tDkaZfD6EQLVtl0uvDE3D77tfcnBLODXgZPQsUSlssMi+pxDbSVjjKgrP
hM1G/L9OTrEHKWDhF+ZBgY1RuLl7ZEdoATbhJaK4FFb9hNn/2CSibVfLts8HJGYQXIQRX/RBzaDZp47sKZvq302ewkkVorNY+c9mmoze6mi8Ip2
zEQOMi6S9zM/yRiD0XZrbmzYfNkoXA03WTmMR/DynVvX2nV /c/Users/xxxx/.ssh/id_rsa
in centos's /home/ufo/.ssh/authorized_keys
,
I have changed .ssh user's folder permissions to 700 and authorized_keys file to 644 .
Same ssh key, ssh root@c199
promptless login , but ssh ufo@c199
prompt password input ..
UPDATE
ssh ufo@c199 -vv
output:
....
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:zmCg5vHhBAMd5P4ei82+KsVg072KXbC63C44P0w3zbU
debug1: Host 'c199' is known and matches the ECDSA host key.
debug1: Found key in /c/Users/xxxxx/.ssh/known_hosts:35
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: key: /c/Users/xxxxx/.ssh/id_rsa (0x60006bec0), agent
debug2: key: /c/Users/xxxxx/.ssh/id_dsa (0x0)
debug2: key: /c/Users/xxxxx/.ssh/id_ecdsa (0x0)
debug2: key: /c/Users/xxxxx/.ssh/id_ed25519 (0x0)
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/xxxxx/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_dsa
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_ecdsa
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_ed25519
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
ssh password authentication sshd
edited Jan 2 at 1:50
asked Nov 28 '17 at 1:24
Mithril
12211
12211
2
Step 5 is you logging in withssh
but you show messages coming fromssh-copy-id
...what?
â B Layer
Nov 28 '17 at 1:35
You need to login into the machine using the new command like the prompt displayed: "Now try logging into the machine, with: "ssh 'ufo@c199'"" So try doingssh ufo@c199
and see if that prompts you for your password. If you continue to have issues, you'll need to run sshd in debug mode using/usr/sbin/sshd -d
on the target machine and try to connect, then update your post with the debug output.
â Patrick
Nov 28 '17 at 1:41
@B Layer Sorry, a copy miss .. @Patrick But I don't want to see the prompt , I need auto login without prompt .That's whatssh-copy-id
use for , right ?
â Mithril
Nov 28 '17 at 1:53
@Mithril, you are setting up promptless login withssh-copy-id
, you still need to usessh ufo@c199
to make the actual connection to the target. If keys are set up correctly you will get a "promptless login" and be dropped straight into a shell after the SSH command.
â Patrick
Nov 28 '17 at 1:55
1
If they are all 777, you need to adjust them to the values I stated above using thechmod
command. E.g.chmod 644 ~/.ssh/authorized_keys
â Patrick
Nov 28 '17 at 2:11
 |Â
show 9 more comments
2
Step 5 is you logging in withssh
but you show messages coming fromssh-copy-id
...what?
â B Layer
Nov 28 '17 at 1:35
You need to login into the machine using the new command like the prompt displayed: "Now try logging into the machine, with: "ssh 'ufo@c199'"" So try doingssh ufo@c199
and see if that prompts you for your password. If you continue to have issues, you'll need to run sshd in debug mode using/usr/sbin/sshd -d
on the target machine and try to connect, then update your post with the debug output.
â Patrick
Nov 28 '17 at 1:41
@B Layer Sorry, a copy miss .. @Patrick But I don't want to see the prompt , I need auto login without prompt .That's whatssh-copy-id
use for , right ?
â Mithril
Nov 28 '17 at 1:53
@Mithril, you are setting up promptless login withssh-copy-id
, you still need to usessh ufo@c199
to make the actual connection to the target. If keys are set up correctly you will get a "promptless login" and be dropped straight into a shell after the SSH command.
â Patrick
Nov 28 '17 at 1:55
1
If they are all 777, you need to adjust them to the values I stated above using thechmod
command. E.g.chmod 644 ~/.ssh/authorized_keys
â Patrick
Nov 28 '17 at 2:11
2
2
Step 5 is you logging in with
ssh
but you show messages coming from ssh-copy-id
...what?â B Layer
Nov 28 '17 at 1:35
Step 5 is you logging in with
ssh
but you show messages coming from ssh-copy-id
...what?â B Layer
Nov 28 '17 at 1:35
You need to login into the machine using the new command like the prompt displayed: "Now try logging into the machine, with: "ssh 'ufo@c199'"" So try doing
ssh ufo@c199
and see if that prompts you for your password. If you continue to have issues, you'll need to run sshd in debug mode using /usr/sbin/sshd -d
on the target machine and try to connect, then update your post with the debug output.â Patrick
Nov 28 '17 at 1:41
You need to login into the machine using the new command like the prompt displayed: "Now try logging into the machine, with: "ssh 'ufo@c199'"" So try doing
ssh ufo@c199
and see if that prompts you for your password. If you continue to have issues, you'll need to run sshd in debug mode using /usr/sbin/sshd -d
on the target machine and try to connect, then update your post with the debug output.â Patrick
Nov 28 '17 at 1:41
@B Layer Sorry, a copy miss .. @Patrick But I don't want to see the prompt , I need auto login without prompt .That's what
ssh-copy-id
use for , right ?â Mithril
Nov 28 '17 at 1:53
@B Layer Sorry, a copy miss .. @Patrick But I don't want to see the prompt , I need auto login without prompt .That's what
ssh-copy-id
use for , right ?â Mithril
Nov 28 '17 at 1:53
@Mithril, you are setting up promptless login with
ssh-copy-id
, you still need to use ssh ufo@c199
to make the actual connection to the target. If keys are set up correctly you will get a "promptless login" and be dropped straight into a shell after the SSH command.â Patrick
Nov 28 '17 at 1:55
@Mithril, you are setting up promptless login with
ssh-copy-id
, you still need to use ssh ufo@c199
to make the actual connection to the target. If keys are set up correctly you will get a "promptless login" and be dropped straight into a shell after the SSH command.â Patrick
Nov 28 '17 at 1:55
1
1
If they are all 777, you need to adjust them to the values I stated above using the
chmod
command. E.g. chmod 644 ~/.ssh/authorized_keys
â Patrick
Nov 28 '17 at 2:11
If they are all 777, you need to adjust them to the values I stated above using the
chmod
command. E.g. chmod 644 ~/.ssh/authorized_keys
â Patrick
Nov 28 '17 at 2:11
 |Â
show 9 more comments
3 Answers
3
active
oldest
votes
up vote
1
down vote
accepted
Thanks to https://unix.stackexchange.com/a/55481/106419, which told me how to debug ssh.
To enable ssh debug to see what happen
systemctl stop sshd
/usr/sbin/sshd -d -p 22
I found:
Authentication refused: bad ownership or modes for directory /home/ufo
All guys only told:
/home/ufo/.ssh
ownership is correct 700/home/ufo/.ssh/authorized_keys
ownership is correct 600/644
But sshd still check the user home folder !!! No one mentioned this !
sudo chmod 700 /home/ufo
solve this problem.
Summary:
You need ensure:
/home/ufo
ownership is 700/home/ufo/.ssh
ownership is 700/home/ufo/.ssh/authorized_keys
ownership is 600
change ufo to you home folder name
add a comment |Â
up vote
1
down vote
I had to add the following to my sshd_config file:
PubkeyAcceptedKeyTypes=+ssh-dss
the restart ssh
add a comment |Â
up vote
0
down vote
Apparently you have not put an entry in the authorized_keys file of the user ufo.....or the permissions are wrong on ~ufo/.ssh files/directories.
add a comment |Â
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
accepted
Thanks to https://unix.stackexchange.com/a/55481/106419, which told me how to debug ssh.
To enable ssh debug to see what happen
systemctl stop sshd
/usr/sbin/sshd -d -p 22
I found:
Authentication refused: bad ownership or modes for directory /home/ufo
All guys only told:
/home/ufo/.ssh
ownership is correct 700/home/ufo/.ssh/authorized_keys
ownership is correct 600/644
But sshd still check the user home folder !!! No one mentioned this !
sudo chmod 700 /home/ufo
solve this problem.
Summary:
You need ensure:
/home/ufo
ownership is 700/home/ufo/.ssh
ownership is 700/home/ufo/.ssh/authorized_keys
ownership is 600
change ufo to you home folder name
add a comment |Â
up vote
1
down vote
accepted
Thanks to https://unix.stackexchange.com/a/55481/106419, which told me how to debug ssh.
To enable ssh debug to see what happen
systemctl stop sshd
/usr/sbin/sshd -d -p 22
I found:
Authentication refused: bad ownership or modes for directory /home/ufo
All guys only told:
/home/ufo/.ssh
ownership is correct 700/home/ufo/.ssh/authorized_keys
ownership is correct 600/644
But sshd still check the user home folder !!! No one mentioned this !
sudo chmod 700 /home/ufo
solve this problem.
Summary:
You need ensure:
/home/ufo
ownership is 700/home/ufo/.ssh
ownership is 700/home/ufo/.ssh/authorized_keys
ownership is 600
change ufo to you home folder name
add a comment |Â
up vote
1
down vote
accepted
up vote
1
down vote
accepted
Thanks to https://unix.stackexchange.com/a/55481/106419, which told me how to debug ssh.
To enable ssh debug to see what happen
systemctl stop sshd
/usr/sbin/sshd -d -p 22
I found:
Authentication refused: bad ownership or modes for directory /home/ufo
All guys only told:
/home/ufo/.ssh
ownership is correct 700/home/ufo/.ssh/authorized_keys
ownership is correct 600/644
But sshd still check the user home folder !!! No one mentioned this !
sudo chmod 700 /home/ufo
solve this problem.
Summary:
You need ensure:
/home/ufo
ownership is 700/home/ufo/.ssh
ownership is 700/home/ufo/.ssh/authorized_keys
ownership is 600
change ufo to you home folder name
Thanks to https://unix.stackexchange.com/a/55481/106419, which told me how to debug ssh.
To enable ssh debug to see what happen
systemctl stop sshd
/usr/sbin/sshd -d -p 22
I found:
Authentication refused: bad ownership or modes for directory /home/ufo
All guys only told:
/home/ufo/.ssh
ownership is correct 700/home/ufo/.ssh/authorized_keys
ownership is correct 600/644
But sshd still check the user home folder !!! No one mentioned this !
sudo chmod 700 /home/ufo
solve this problem.
Summary:
You need ensure:
/home/ufo
ownership is 700/home/ufo/.ssh
ownership is 700/home/ufo/.ssh/authorized_keys
ownership is 600
change ufo to you home folder name
answered Jan 2 at 1:45
Mithril
12211
12211
add a comment |Â
add a comment |Â
up vote
1
down vote
I had to add the following to my sshd_config file:
PubkeyAcceptedKeyTypes=+ssh-dss
the restart ssh
add a comment |Â
up vote
1
down vote
I had to add the following to my sshd_config file:
PubkeyAcceptedKeyTypes=+ssh-dss
the restart ssh
add a comment |Â
up vote
1
down vote
up vote
1
down vote
I had to add the following to my sshd_config file:
PubkeyAcceptedKeyTypes=+ssh-dss
the restart ssh
I had to add the following to my sshd_config file:
PubkeyAcceptedKeyTypes=+ssh-dss
the restart ssh
answered Apr 6 at 4:48
millican
111
111
add a comment |Â
add a comment |Â
up vote
0
down vote
Apparently you have not put an entry in the authorized_keys file of the user ufo.....or the permissions are wrong on ~ufo/.ssh files/directories.
add a comment |Â
up vote
0
down vote
Apparently you have not put an entry in the authorized_keys file of the user ufo.....or the permissions are wrong on ~ufo/.ssh files/directories.
add a comment |Â
up vote
0
down vote
up vote
0
down vote
Apparently you have not put an entry in the authorized_keys file of the user ufo.....or the permissions are wrong on ~ufo/.ssh files/directories.
Apparently you have not put an entry in the authorized_keys file of the user ufo.....or the permissions are wrong on ~ufo/.ssh files/directories.
answered Nov 28 '17 at 1:43
mdpc
4,78521835
4,78521835
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f407394%2fssh-copy-id-succeeded-but-still-prompt-password-input%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
2
Step 5 is you logging in with
ssh
but you show messages coming fromssh-copy-id
...what?â B Layer
Nov 28 '17 at 1:35
You need to login into the machine using the new command like the prompt displayed: "Now try logging into the machine, with: "ssh 'ufo@c199'"" So try doing
ssh ufo@c199
and see if that prompts you for your password. If you continue to have issues, you'll need to run sshd in debug mode using/usr/sbin/sshd -d
on the target machine and try to connect, then update your post with the debug output.â Patrick
Nov 28 '17 at 1:41
@B Layer Sorry, a copy miss .. @Patrick But I don't want to see the prompt , I need auto login without prompt .That's what
ssh-copy-id
use for , right ?â Mithril
Nov 28 '17 at 1:53
@Mithril, you are setting up promptless login with
ssh-copy-id
, you still need to usessh ufo@c199
to make the actual connection to the target. If keys are set up correctly you will get a "promptless login" and be dropped straight into a shell after the SSH command.â Patrick
Nov 28 '17 at 1:55
1
If they are all 777, you need to adjust them to the values I stated above using the
chmod
command. E.g.chmod 644 ~/.ssh/authorized_keys
â Patrick
Nov 28 '17 at 2:11