ssh-copy-id succeeded, but still prompt password input

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
1
down vote

favorite












  1. I have ssh-copy-id root@c199 succeeded before.

  2. I can login by ssh root@c199 without password prompt

  3. I want to auto login by another user ufo (remote machine has this user)


  4. ssh-copy-id ufo@c199 ask me enter password,



    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
    ufo@c199's password:

    Number of key(s) added: 1

    Now try logging into the machine, with: "ssh 'ufo@c199'"
    and check to make sure that only the key(s) you wanted were added.


  5. But login by ssh ufo@c199 still prompt password input .



I try to login remote centos on msys2(on Windows) by ssh , I found there are many same lines like



ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCs7RTfvn83Rxdmvgfh+F4kUlM5FzIUb9rRHaqq11xKIW1gztn/+G4tr+OWl4o6GTW2Z361hIi
ugy8DPtMATN66nTTDUYO0sSvw2BrQfDY4iIENdLpkkHO8KQVGpQE+8tDkaZfD6EQLVtl0uvDE3D77tfcnBLODXgZPQsUSlssMi+pxDbSVjjKgrP
hM1G/L9OTrEHKWDhF+ZBgY1RuLl7ZEdoATbhJaK4FFb9hNn/2CSibVfLts8HJGYQXIQRX/RBzaDZp47sKZvq302ewkkVorNY+c9mmoze6mi8Ip2
zEQOMi6S9zM/yRiD0XZrbmzYfNkoXA03WTmMR/DynVvX2nV /c/Users/xxxx/.ssh/id_rsa


in centos's /home/ufo/.ssh/authorized_keys ,



I have changed .ssh user's folder permissions to 700 and authorized_keys file to 644 .



Same ssh key, ssh root@c199 promptless login , but ssh ufo@c199 prompt password input ..




UPDATE



ssh ufo@c199 -vv output:



....
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:zmCg5vHhBAMd5P4ei82+KsVg072KXbC63C44P0w3zbU
debug1: Host 'c199' is known and matches the ECDSA host key.
debug1: Found key in /c/Users/xxxxx/.ssh/known_hosts:35
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: key: /c/Users/xxxxx/.ssh/id_rsa (0x60006bec0), agent
debug2: key: /c/Users/xxxxx/.ssh/id_dsa (0x0)
debug2: key: /c/Users/xxxxx/.ssh/id_ecdsa (0x0)
debug2: key: /c/Users/xxxxx/.ssh/id_ed25519 (0x0)
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/xxxxx/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_dsa
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_ecdsa
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_ed25519
debug2: we did not send a packet, disable method
debug1: Next authentication method: password






share|improve this question


















  • 2




    Step 5 is you logging in with ssh but you show messages coming from ssh-copy-id...what?
    – B Layer
    Nov 28 '17 at 1:35










  • You need to login into the machine using the new command like the prompt displayed: "Now try logging into the machine, with: "ssh 'ufo@c199'"" So try doing ssh ufo@c199 and see if that prompts you for your password. If you continue to have issues, you'll need to run sshd in debug mode using /usr/sbin/sshd -d on the target machine and try to connect, then update your post with the debug output.
    – Patrick
    Nov 28 '17 at 1:41











  • @B Layer Sorry, a copy miss .. @Patrick But I don't want to see the prompt , I need auto login without prompt .That's what ssh-copy-id use for , right ?
    – Mithril
    Nov 28 '17 at 1:53











  • @Mithril, you are setting up promptless login with ssh-copy-id, you still need to use ssh ufo@c199 to make the actual connection to the target. If keys are set up correctly you will get a "promptless login" and be dropped straight into a shell after the SSH command.
    – Patrick
    Nov 28 '17 at 1:55






  • 1




    If they are all 777, you need to adjust them to the values I stated above using the chmod command. E.g. chmod 644 ~/.ssh/authorized_keys
    – Patrick
    Nov 28 '17 at 2:11














up vote
1
down vote

favorite












  1. I have ssh-copy-id root@c199 succeeded before.

  2. I can login by ssh root@c199 without password prompt

  3. I want to auto login by another user ufo (remote machine has this user)


  4. ssh-copy-id ufo@c199 ask me enter password,



    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
    ufo@c199's password:

    Number of key(s) added: 1

    Now try logging into the machine, with: "ssh 'ufo@c199'"
    and check to make sure that only the key(s) you wanted were added.


  5. But login by ssh ufo@c199 still prompt password input .



I try to login remote centos on msys2(on Windows) by ssh , I found there are many same lines like



ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCs7RTfvn83Rxdmvgfh+F4kUlM5FzIUb9rRHaqq11xKIW1gztn/+G4tr+OWl4o6GTW2Z361hIi
ugy8DPtMATN66nTTDUYO0sSvw2BrQfDY4iIENdLpkkHO8KQVGpQE+8tDkaZfD6EQLVtl0uvDE3D77tfcnBLODXgZPQsUSlssMi+pxDbSVjjKgrP
hM1G/L9OTrEHKWDhF+ZBgY1RuLl7ZEdoATbhJaK4FFb9hNn/2CSibVfLts8HJGYQXIQRX/RBzaDZp47sKZvq302ewkkVorNY+c9mmoze6mi8Ip2
zEQOMi6S9zM/yRiD0XZrbmzYfNkoXA03WTmMR/DynVvX2nV /c/Users/xxxx/.ssh/id_rsa


in centos's /home/ufo/.ssh/authorized_keys ,



I have changed .ssh user's folder permissions to 700 and authorized_keys file to 644 .



Same ssh key, ssh root@c199 promptless login , but ssh ufo@c199 prompt password input ..




UPDATE



ssh ufo@c199 -vv output:



....
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:zmCg5vHhBAMd5P4ei82+KsVg072KXbC63C44P0w3zbU
debug1: Host 'c199' is known and matches the ECDSA host key.
debug1: Found key in /c/Users/xxxxx/.ssh/known_hosts:35
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: key: /c/Users/xxxxx/.ssh/id_rsa (0x60006bec0), agent
debug2: key: /c/Users/xxxxx/.ssh/id_dsa (0x0)
debug2: key: /c/Users/xxxxx/.ssh/id_ecdsa (0x0)
debug2: key: /c/Users/xxxxx/.ssh/id_ed25519 (0x0)
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/xxxxx/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_dsa
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_ecdsa
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_ed25519
debug2: we did not send a packet, disable method
debug1: Next authentication method: password






share|improve this question


















  • 2




    Step 5 is you logging in with ssh but you show messages coming from ssh-copy-id...what?
    – B Layer
    Nov 28 '17 at 1:35










  • You need to login into the machine using the new command like the prompt displayed: "Now try logging into the machine, with: "ssh 'ufo@c199'"" So try doing ssh ufo@c199 and see if that prompts you for your password. If you continue to have issues, you'll need to run sshd in debug mode using /usr/sbin/sshd -d on the target machine and try to connect, then update your post with the debug output.
    – Patrick
    Nov 28 '17 at 1:41











  • @B Layer Sorry, a copy miss .. @Patrick But I don't want to see the prompt , I need auto login without prompt .That's what ssh-copy-id use for , right ?
    – Mithril
    Nov 28 '17 at 1:53











  • @Mithril, you are setting up promptless login with ssh-copy-id, you still need to use ssh ufo@c199 to make the actual connection to the target. If keys are set up correctly you will get a "promptless login" and be dropped straight into a shell after the SSH command.
    – Patrick
    Nov 28 '17 at 1:55






  • 1




    If they are all 777, you need to adjust them to the values I stated above using the chmod command. E.g. chmod 644 ~/.ssh/authorized_keys
    – Patrick
    Nov 28 '17 at 2:11












up vote
1
down vote

favorite









up vote
1
down vote

favorite











  1. I have ssh-copy-id root@c199 succeeded before.

  2. I can login by ssh root@c199 without password prompt

  3. I want to auto login by another user ufo (remote machine has this user)


  4. ssh-copy-id ufo@c199 ask me enter password,



    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
    ufo@c199's password:

    Number of key(s) added: 1

    Now try logging into the machine, with: "ssh 'ufo@c199'"
    and check to make sure that only the key(s) you wanted were added.


  5. But login by ssh ufo@c199 still prompt password input .



I try to login remote centos on msys2(on Windows) by ssh , I found there are many same lines like



ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCs7RTfvn83Rxdmvgfh+F4kUlM5FzIUb9rRHaqq11xKIW1gztn/+G4tr+OWl4o6GTW2Z361hIi
ugy8DPtMATN66nTTDUYO0sSvw2BrQfDY4iIENdLpkkHO8KQVGpQE+8tDkaZfD6EQLVtl0uvDE3D77tfcnBLODXgZPQsUSlssMi+pxDbSVjjKgrP
hM1G/L9OTrEHKWDhF+ZBgY1RuLl7ZEdoATbhJaK4FFb9hNn/2CSibVfLts8HJGYQXIQRX/RBzaDZp47sKZvq302ewkkVorNY+c9mmoze6mi8Ip2
zEQOMi6S9zM/yRiD0XZrbmzYfNkoXA03WTmMR/DynVvX2nV /c/Users/xxxx/.ssh/id_rsa


in centos's /home/ufo/.ssh/authorized_keys ,



I have changed .ssh user's folder permissions to 700 and authorized_keys file to 644 .



Same ssh key, ssh root@c199 promptless login , but ssh ufo@c199 prompt password input ..




UPDATE



ssh ufo@c199 -vv output:



....
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:zmCg5vHhBAMd5P4ei82+KsVg072KXbC63C44P0w3zbU
debug1: Host 'c199' is known and matches the ECDSA host key.
debug1: Found key in /c/Users/xxxxx/.ssh/known_hosts:35
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: key: /c/Users/xxxxx/.ssh/id_rsa (0x60006bec0), agent
debug2: key: /c/Users/xxxxx/.ssh/id_dsa (0x0)
debug2: key: /c/Users/xxxxx/.ssh/id_ecdsa (0x0)
debug2: key: /c/Users/xxxxx/.ssh/id_ed25519 (0x0)
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/xxxxx/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_dsa
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_ecdsa
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_ed25519
debug2: we did not send a packet, disable method
debug1: Next authentication method: password






share|improve this question














  1. I have ssh-copy-id root@c199 succeeded before.

  2. I can login by ssh root@c199 without password prompt

  3. I want to auto login by another user ufo (remote machine has this user)


  4. ssh-copy-id ufo@c199 ask me enter password,



    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
    ufo@c199's password:

    Number of key(s) added: 1

    Now try logging into the machine, with: "ssh 'ufo@c199'"
    and check to make sure that only the key(s) you wanted were added.


  5. But login by ssh ufo@c199 still prompt password input .



I try to login remote centos on msys2(on Windows) by ssh , I found there are many same lines like



ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCs7RTfvn83Rxdmvgfh+F4kUlM5FzIUb9rRHaqq11xKIW1gztn/+G4tr+OWl4o6GTW2Z361hIi
ugy8DPtMATN66nTTDUYO0sSvw2BrQfDY4iIENdLpkkHO8KQVGpQE+8tDkaZfD6EQLVtl0uvDE3D77tfcnBLODXgZPQsUSlssMi+pxDbSVjjKgrP
hM1G/L9OTrEHKWDhF+ZBgY1RuLl7ZEdoATbhJaK4FFb9hNn/2CSibVfLts8HJGYQXIQRX/RBzaDZp47sKZvq302ewkkVorNY+c9mmoze6mi8Ip2
zEQOMi6S9zM/yRiD0XZrbmzYfNkoXA03WTmMR/DynVvX2nV /c/Users/xxxx/.ssh/id_rsa


in centos's /home/ufo/.ssh/authorized_keys ,



I have changed .ssh user's folder permissions to 700 and authorized_keys file to 644 .



Same ssh key, ssh root@c199 promptless login , but ssh ufo@c199 prompt password input ..




UPDATE



ssh ufo@c199 -vv output:



....
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:zmCg5vHhBAMd5P4ei82+KsVg072KXbC63C44P0w3zbU
debug1: Host 'c199' is known and matches the ECDSA host key.
debug1: Found key in /c/Users/xxxxx/.ssh/known_hosts:35
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: key: /c/Users/xxxxx/.ssh/id_rsa (0x60006bec0), agent
debug2: key: /c/Users/xxxxx/.ssh/id_dsa (0x0)
debug2: key: /c/Users/xxxxx/.ssh/id_ecdsa (0x0)
debug2: key: /c/Users/xxxxx/.ssh/id_ed25519 (0x0)
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/xxxxx/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_dsa
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_ecdsa
debug1: Trying private key: /c/Users/xxxxx/.ssh/id_ed25519
debug2: we did not send a packet, disable method
debug1: Next authentication method: password








share|improve this question













share|improve this question




share|improve this question








edited Jan 2 at 1:50

























asked Nov 28 '17 at 1:24









Mithril

12211




12211







  • 2




    Step 5 is you logging in with ssh but you show messages coming from ssh-copy-id...what?
    – B Layer
    Nov 28 '17 at 1:35










  • You need to login into the machine using the new command like the prompt displayed: "Now try logging into the machine, with: "ssh 'ufo@c199'"" So try doing ssh ufo@c199 and see if that prompts you for your password. If you continue to have issues, you'll need to run sshd in debug mode using /usr/sbin/sshd -d on the target machine and try to connect, then update your post with the debug output.
    – Patrick
    Nov 28 '17 at 1:41











  • @B Layer Sorry, a copy miss .. @Patrick But I don't want to see the prompt , I need auto login without prompt .That's what ssh-copy-id use for , right ?
    – Mithril
    Nov 28 '17 at 1:53











  • @Mithril, you are setting up promptless login with ssh-copy-id, you still need to use ssh ufo@c199 to make the actual connection to the target. If keys are set up correctly you will get a "promptless login" and be dropped straight into a shell after the SSH command.
    – Patrick
    Nov 28 '17 at 1:55






  • 1




    If they are all 777, you need to adjust them to the values I stated above using the chmod command. E.g. chmod 644 ~/.ssh/authorized_keys
    – Patrick
    Nov 28 '17 at 2:11












  • 2




    Step 5 is you logging in with ssh but you show messages coming from ssh-copy-id...what?
    – B Layer
    Nov 28 '17 at 1:35










  • You need to login into the machine using the new command like the prompt displayed: "Now try logging into the machine, with: "ssh 'ufo@c199'"" So try doing ssh ufo@c199 and see if that prompts you for your password. If you continue to have issues, you'll need to run sshd in debug mode using /usr/sbin/sshd -d on the target machine and try to connect, then update your post with the debug output.
    – Patrick
    Nov 28 '17 at 1:41











  • @B Layer Sorry, a copy miss .. @Patrick But I don't want to see the prompt , I need auto login without prompt .That's what ssh-copy-id use for , right ?
    – Mithril
    Nov 28 '17 at 1:53











  • @Mithril, you are setting up promptless login with ssh-copy-id, you still need to use ssh ufo@c199 to make the actual connection to the target. If keys are set up correctly you will get a "promptless login" and be dropped straight into a shell after the SSH command.
    – Patrick
    Nov 28 '17 at 1:55






  • 1




    If they are all 777, you need to adjust them to the values I stated above using the chmod command. E.g. chmod 644 ~/.ssh/authorized_keys
    – Patrick
    Nov 28 '17 at 2:11







2




2




Step 5 is you logging in with ssh but you show messages coming from ssh-copy-id...what?
– B Layer
Nov 28 '17 at 1:35




Step 5 is you logging in with ssh but you show messages coming from ssh-copy-id...what?
– B Layer
Nov 28 '17 at 1:35












You need to login into the machine using the new command like the prompt displayed: "Now try logging into the machine, with: "ssh 'ufo@c199'"" So try doing ssh ufo@c199 and see if that prompts you for your password. If you continue to have issues, you'll need to run sshd in debug mode using /usr/sbin/sshd -d on the target machine and try to connect, then update your post with the debug output.
– Patrick
Nov 28 '17 at 1:41





You need to login into the machine using the new command like the prompt displayed: "Now try logging into the machine, with: "ssh 'ufo@c199'"" So try doing ssh ufo@c199 and see if that prompts you for your password. If you continue to have issues, you'll need to run sshd in debug mode using /usr/sbin/sshd -d on the target machine and try to connect, then update your post with the debug output.
– Patrick
Nov 28 '17 at 1:41













@B Layer Sorry, a copy miss .. @Patrick But I don't want to see the prompt , I need auto login without prompt .That's what ssh-copy-id use for , right ?
– Mithril
Nov 28 '17 at 1:53





@B Layer Sorry, a copy miss .. @Patrick But I don't want to see the prompt , I need auto login without prompt .That's what ssh-copy-id use for , right ?
– Mithril
Nov 28 '17 at 1:53













@Mithril, you are setting up promptless login with ssh-copy-id, you still need to use ssh ufo@c199 to make the actual connection to the target. If keys are set up correctly you will get a "promptless login" and be dropped straight into a shell after the SSH command.
– Patrick
Nov 28 '17 at 1:55




@Mithril, you are setting up promptless login with ssh-copy-id, you still need to use ssh ufo@c199 to make the actual connection to the target. If keys are set up correctly you will get a "promptless login" and be dropped straight into a shell after the SSH command.
– Patrick
Nov 28 '17 at 1:55




1




1




If they are all 777, you need to adjust them to the values I stated above using the chmod command. E.g. chmod 644 ~/.ssh/authorized_keys
– Patrick
Nov 28 '17 at 2:11




If they are all 777, you need to adjust them to the values I stated above using the chmod command. E.g. chmod 644 ~/.ssh/authorized_keys
– Patrick
Nov 28 '17 at 2:11










3 Answers
3






active

oldest

votes

















up vote
1
down vote



accepted










Thanks to https://unix.stackexchange.com/a/55481/106419, which told me how to debug ssh.



To enable ssh debug to see what happen



systemctl stop sshd
/usr/sbin/sshd -d -p 22


I found:



Authentication refused: bad ownership or modes for directory /home/ufo


All guys only told:




  • /home/ufo/.ssh ownership is correct 700


  • /home/ufo/.ssh/authorized_keys ownership is correct 600/644

But sshd still check the user home folder !!! No one mentioned this !



sudo chmod 700 /home/ufo solve this problem.




Summary:



You need ensure:




  • /home/ufo ownership is 700


  • /home/ufo/.ssh ownership is 700


  • /home/ufo/.ssh/authorized_keys ownership is 600

change ufo to you home folder name






share|improve this answer



























    up vote
    1
    down vote













    I had to add the following to my sshd_config file:



    PubkeyAcceptedKeyTypes=+ssh-dss


    the restart ssh






    share|improve this answer



























      up vote
      0
      down vote













      Apparently you have not put an entry in the authorized_keys file of the user ufo.....or the permissions are wrong on ~ufo/.ssh files/directories.






      share|improve this answer




















        Your Answer







        StackExchange.ready(function()
        var channelOptions =
        tags: "".split(" "),
        id: "106"
        ;
        initTagRenderer("".split(" "), "".split(" "), channelOptions);

        StackExchange.using("externalEditor", function()
        // Have to fire editor after snippets, if snippets enabled
        if (StackExchange.settings.snippets.snippetsEnabled)
        StackExchange.using("snippets", function()
        createEditor();
        );

        else
        createEditor();

        );

        function createEditor()
        StackExchange.prepareEditor(
        heartbeatType: 'answer',
        convertImagesToLinks: false,
        noModals: false,
        showLowRepImageUploadWarning: true,
        reputationToPostImages: null,
        bindNavPrevention: true,
        postfix: "",
        onDemand: true,
        discardSelector: ".discard-answer"
        ,immediatelyShowMarkdownHelp:true
        );



        );













         

        draft saved


        draft discarded


















        StackExchange.ready(
        function ()
        StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f407394%2fssh-copy-id-succeeded-but-still-prompt-password-input%23new-answer', 'question_page');

        );

        Post as a guest






























        3 Answers
        3






        active

        oldest

        votes








        3 Answers
        3






        active

        oldest

        votes









        active

        oldest

        votes






        active

        oldest

        votes








        up vote
        1
        down vote



        accepted










        Thanks to https://unix.stackexchange.com/a/55481/106419, which told me how to debug ssh.



        To enable ssh debug to see what happen



        systemctl stop sshd
        /usr/sbin/sshd -d -p 22


        I found:



        Authentication refused: bad ownership or modes for directory /home/ufo


        All guys only told:




        • /home/ufo/.ssh ownership is correct 700


        • /home/ufo/.ssh/authorized_keys ownership is correct 600/644

        But sshd still check the user home folder !!! No one mentioned this !



        sudo chmod 700 /home/ufo solve this problem.




        Summary:



        You need ensure:




        • /home/ufo ownership is 700


        • /home/ufo/.ssh ownership is 700


        • /home/ufo/.ssh/authorized_keys ownership is 600

        change ufo to you home folder name






        share|improve this answer
























          up vote
          1
          down vote



          accepted










          Thanks to https://unix.stackexchange.com/a/55481/106419, which told me how to debug ssh.



          To enable ssh debug to see what happen



          systemctl stop sshd
          /usr/sbin/sshd -d -p 22


          I found:



          Authentication refused: bad ownership or modes for directory /home/ufo


          All guys only told:




          • /home/ufo/.ssh ownership is correct 700


          • /home/ufo/.ssh/authorized_keys ownership is correct 600/644

          But sshd still check the user home folder !!! No one mentioned this !



          sudo chmod 700 /home/ufo solve this problem.




          Summary:



          You need ensure:




          • /home/ufo ownership is 700


          • /home/ufo/.ssh ownership is 700


          • /home/ufo/.ssh/authorized_keys ownership is 600

          change ufo to you home folder name






          share|improve this answer






















            up vote
            1
            down vote



            accepted







            up vote
            1
            down vote



            accepted






            Thanks to https://unix.stackexchange.com/a/55481/106419, which told me how to debug ssh.



            To enable ssh debug to see what happen



            systemctl stop sshd
            /usr/sbin/sshd -d -p 22


            I found:



            Authentication refused: bad ownership or modes for directory /home/ufo


            All guys only told:




            • /home/ufo/.ssh ownership is correct 700


            • /home/ufo/.ssh/authorized_keys ownership is correct 600/644

            But sshd still check the user home folder !!! No one mentioned this !



            sudo chmod 700 /home/ufo solve this problem.




            Summary:



            You need ensure:




            • /home/ufo ownership is 700


            • /home/ufo/.ssh ownership is 700


            • /home/ufo/.ssh/authorized_keys ownership is 600

            change ufo to you home folder name






            share|improve this answer












            Thanks to https://unix.stackexchange.com/a/55481/106419, which told me how to debug ssh.



            To enable ssh debug to see what happen



            systemctl stop sshd
            /usr/sbin/sshd -d -p 22


            I found:



            Authentication refused: bad ownership or modes for directory /home/ufo


            All guys only told:




            • /home/ufo/.ssh ownership is correct 700


            • /home/ufo/.ssh/authorized_keys ownership is correct 600/644

            But sshd still check the user home folder !!! No one mentioned this !



            sudo chmod 700 /home/ufo solve this problem.




            Summary:



            You need ensure:




            • /home/ufo ownership is 700


            • /home/ufo/.ssh ownership is 700


            • /home/ufo/.ssh/authorized_keys ownership is 600

            change ufo to you home folder name







            share|improve this answer












            share|improve this answer



            share|improve this answer










            answered Jan 2 at 1:45









            Mithril

            12211




            12211






















                up vote
                1
                down vote













                I had to add the following to my sshd_config file:



                PubkeyAcceptedKeyTypes=+ssh-dss


                the restart ssh






                share|improve this answer
























                  up vote
                  1
                  down vote













                  I had to add the following to my sshd_config file:



                  PubkeyAcceptedKeyTypes=+ssh-dss


                  the restart ssh






                  share|improve this answer






















                    up vote
                    1
                    down vote










                    up vote
                    1
                    down vote









                    I had to add the following to my sshd_config file:



                    PubkeyAcceptedKeyTypes=+ssh-dss


                    the restart ssh






                    share|improve this answer












                    I had to add the following to my sshd_config file:



                    PubkeyAcceptedKeyTypes=+ssh-dss


                    the restart ssh







                    share|improve this answer












                    share|improve this answer



                    share|improve this answer










                    answered Apr 6 at 4:48









                    millican

                    111




                    111




















                        up vote
                        0
                        down vote













                        Apparently you have not put an entry in the authorized_keys file of the user ufo.....or the permissions are wrong on ~ufo/.ssh files/directories.






                        share|improve this answer
























                          up vote
                          0
                          down vote













                          Apparently you have not put an entry in the authorized_keys file of the user ufo.....or the permissions are wrong on ~ufo/.ssh files/directories.






                          share|improve this answer






















                            up vote
                            0
                            down vote










                            up vote
                            0
                            down vote









                            Apparently you have not put an entry in the authorized_keys file of the user ufo.....or the permissions are wrong on ~ufo/.ssh files/directories.






                            share|improve this answer












                            Apparently you have not put an entry in the authorized_keys file of the user ufo.....or the permissions are wrong on ~ufo/.ssh files/directories.







                            share|improve this answer












                            share|improve this answer



                            share|improve this answer










                            answered Nov 28 '17 at 1:43









                            mdpc

                            4,78521835




                            4,78521835



























                                 

                                draft saved


                                draft discarded















































                                 


                                draft saved


                                draft discarded














                                StackExchange.ready(
                                function ()
                                StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f407394%2fssh-copy-id-succeeded-but-still-prompt-password-input%23new-answer', 'question_page');

                                );

                                Post as a guest













































































                                Popular posts from this blog

                                How to check contact read email or not when send email to Individual?

                                Displaying single band from multi-band raster using QGIS

                                How many registers does an x86_64 CPU actually have?