Why is my ssh connection unauthorized although I have updated my key on the remote machine?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
1
down vote

favorite












On my local machine I have a public key stored in 



.ssh/id_rsa.pub


To be able to log in to a remote machine I copy this key using ssh-copy-id:



ssh-copy-id user@remote-host


On the remote host, I see two lines added to the file .ssh/authorized_keys starting with ssh-dss and ssh-rsa, and ending with the local machine information.



However, when I now log in to the remote machine with 



ssh user@remote-host


I am still asked for a password. Why is that and how can this be fixed?



  • The file permissions of authorized_keys are correct.


  • The following is the result of ssh -v:



    OpenSSH_5.9p1 Debian-5ubuntu1.1, OpenSSL 1.0.1 14 Mar 2012
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: /etc/ssh/ssh_config line 19: Applying options for *
    debug1: Connecting to xxx [xxx] port 22.
    debug1: Connection established.
    debug1: identity file /home/alexander/.ssh/id_rsa type 1
    debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
    debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
    debug1: identity file /home/alexander/.ssh/id_rsa-cert type -1
    debug1: identity file /home/alexander/.ssh/id_dsa type 2
    debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
    debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
    debug1: identity file /home/alexander/.ssh/id_dsa-cert type -1
    debug1: identity file /home/alexander/.ssh/id_ecdsa type -1
    debug1: identity file /home/alexander/.ssh/id_ecdsa-cert type -1
    debug1: Remote protocol version 2.0, remote software version dropbear_0.52
    debug1: no match: dropbear_0.52
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-ctr hmac-md5 none
    debug1: kex: client->server aes128-ctr hmac-md5 none
    debug1: sending SSH2_MSG_KEXDH_INIT
    debug1: expecting SSH2_MSG_KEXDH_REPLY
    debug1: Server host key: RSA XXXX
    debug1: Host 'remote_host' is known and matches the RSA host key.
    debug1: Found key in /home/alexander/.ssh/known_hosts:26
    debug1: ssh_rsa_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: Roaming not allowed by server
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey,password
    debug1: Next authentication method: publickey
    debug1: Offering DSA public key: /home/alexander/.ssh/id_dsa
    debug1: Authentications that can continue: publickey,password
    debug1: Offering RSA public key: /home/alexander/.ssh/id_rsa
    debug1: Authentications that can continue: publickey,password
    debug1: Trying private key: /home/alexander/.ssh/id_ecdsa
    debug1: Next authentication method: password
    user@remote_host's password:







linux ssh authentication







share|improve this question























  • The log only says that your client has offered the key to the server, but apparently the server didn't accept that, so it reverts to password authentication. the reasons for tjat should be on server side, maybe PubkeyAuthentication or AuthorizedKeysFile aren't set on the server?
    – replay
    Nov 8 '13 at 9:15










  • Permissions on authorized_keys file on remote host?
    – jirib
    Nov 8 '13 at 9:20










  • The permissions on the authorized_keys are correct, and unfortunately I have no log files available I can take a look (because the remote host runs a non-standard linux and is highly configured.). Which file(s) usually contain ssh settings?
    – Alex
    Nov 8 '13 at 9:34






  • 1




    I have found the error: The modes of the overlaying directories where incorrect! After fixing all the permissions and ownerships the passwordless ssh login works. Thanks for the suggestions.
    – Alex
    Nov 8 '13 at 9:52










  • So the .ssh dir must be 600 permission and the files inside 700?
    – Timo
    Jan 23 at 9:55














up vote
1
down vote

favorite












On my local machine I have a public key stored in 



.ssh/id_rsa.pub


To be able to log in to a remote machine I copy this key using ssh-copy-id:



ssh-copy-id user@remote-host


On the remote host, I see two lines added to the file .ssh/authorized_keys starting with ssh-dss and ssh-rsa, and ending with the local machine information.



However, when I now log in to the remote machine with 



ssh user@remote-host


I am still asked for a password. Why is that and how can this be fixed?



  • The file permissions of authorized_keys are correct.


  • The following is the result of ssh -v:



    OpenSSH_5.9p1 Debian-5ubuntu1.1, OpenSSL 1.0.1 14 Mar 2012
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: /etc/ssh/ssh_config line 19: Applying options for *
    debug1: Connecting to xxx [xxx] port 22.
    debug1: Connection established.
    debug1: identity file /home/alexander/.ssh/id_rsa type 1
    debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
    debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
    debug1: identity file /home/alexander/.ssh/id_rsa-cert type -1
    debug1: identity file /home/alexander/.ssh/id_dsa type 2
    debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
    debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
    debug1: identity file /home/alexander/.ssh/id_dsa-cert type -1
    debug1: identity file /home/alexander/.ssh/id_ecdsa type -1
    debug1: identity file /home/alexander/.ssh/id_ecdsa-cert type -1
    debug1: Remote protocol version 2.0, remote software version dropbear_0.52
    debug1: no match: dropbear_0.52
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-ctr hmac-md5 none
    debug1: kex: client->server aes128-ctr hmac-md5 none
    debug1: sending SSH2_MSG_KEXDH_INIT
    debug1: expecting SSH2_MSG_KEXDH_REPLY
    debug1: Server host key: RSA XXXX
    debug1: Host 'remote_host' is known and matches the RSA host key.
    debug1: Found key in /home/alexander/.ssh/known_hosts:26
    debug1: ssh_rsa_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: Roaming not allowed by server
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey,password
    debug1: Next authentication method: publickey
    debug1: Offering DSA public key: /home/alexander/.ssh/id_dsa
    debug1: Authentications that can continue: publickey,password
    debug1: Offering RSA public key: /home/alexander/.ssh/id_rsa
    debug1: Authentications that can continue: publickey,password
    debug1: Trying private key: /home/alexander/.ssh/id_ecdsa
    debug1: Next authentication method: password
    user@remote_host's password:







linux ssh authentication







share|improve this question























  • The log only says that your client has offered the key to the server, but apparently the server didn't accept that, so it reverts to password authentication. the reasons for tjat should be on server side, maybe PubkeyAuthentication or AuthorizedKeysFile aren't set on the server?
    – replay
    Nov 8 '13 at 9:15










  • Permissions on authorized_keys file on remote host?
    – jirib
    Nov 8 '13 at 9:20










  • The permissions on the authorized_keys are correct, and unfortunately I have no log files available I can take a look (because the remote host runs a non-standard linux and is highly configured.). Which file(s) usually contain ssh settings?
    – Alex
    Nov 8 '13 at 9:34






  • 1




    I have found the error: The modes of the overlaying directories where incorrect! After fixing all the permissions and ownerships the passwordless ssh login works. Thanks for the suggestions.
    – Alex
    Nov 8 '13 at 9:52










  • So the .ssh dir must be 600 permission and the files inside 700?
    – Timo
    Jan 23 at 9:55












up vote
1
down vote

favorite









up vote
1
down vote

favorite











On my local machine I have a public key stored in 



.ssh/id_rsa.pub


To be able to log in to a remote machine I copy this key using ssh-copy-id:



ssh-copy-id user@remote-host


On the remote host, I see two lines added to the file .ssh/authorized_keys starting with ssh-dss and ssh-rsa, and ending with the local machine information.



However, when I now log in to the remote machine with 



ssh user@remote-host


I am still asked for a password. Why is that and how can this be fixed?



  • The file permissions of authorized_keys are correct.


  • The following is the result of ssh -v:



    OpenSSH_5.9p1 Debian-5ubuntu1.1, OpenSSL 1.0.1 14 Mar 2012
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: /etc/ssh/ssh_config line 19: Applying options for *
    debug1: Connecting to xxx [xxx] port 22.
    debug1: Connection established.
    debug1: identity file /home/alexander/.ssh/id_rsa type 1
    debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
    debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
    debug1: identity file /home/alexander/.ssh/id_rsa-cert type -1
    debug1: identity file /home/alexander/.ssh/id_dsa type 2
    debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
    debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
    debug1: identity file /home/alexander/.ssh/id_dsa-cert type -1
    debug1: identity file /home/alexander/.ssh/id_ecdsa type -1
    debug1: identity file /home/alexander/.ssh/id_ecdsa-cert type -1
    debug1: Remote protocol version 2.0, remote software version dropbear_0.52
    debug1: no match: dropbear_0.52
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-ctr hmac-md5 none
    debug1: kex: client->server aes128-ctr hmac-md5 none
    debug1: sending SSH2_MSG_KEXDH_INIT
    debug1: expecting SSH2_MSG_KEXDH_REPLY
    debug1: Server host key: RSA XXXX
    debug1: Host 'remote_host' is known and matches the RSA host key.
    debug1: Found key in /home/alexander/.ssh/known_hosts:26
    debug1: ssh_rsa_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: Roaming not allowed by server
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey,password
    debug1: Next authentication method: publickey
    debug1: Offering DSA public key: /home/alexander/.ssh/id_dsa
    debug1: Authentications that can continue: publickey,password
    debug1: Offering RSA public key: /home/alexander/.ssh/id_rsa
    debug1: Authentications that can continue: publickey,password
    debug1: Trying private key: /home/alexander/.ssh/id_ecdsa
    debug1: Next authentication method: password
    user@remote_host's password:







linux ssh authentication







share|improve this question















On my local machine I have a public key stored in 



.ssh/id_rsa.pub


To be able to log in to a remote machine I copy this key using ssh-copy-id:



ssh-copy-id user@remote-host


On the remote host, I see two lines added to the file .ssh/authorized_keys starting with ssh-dss and ssh-rsa, and ending with the local machine information.



However, when I now log in to the remote machine with 



ssh user@remote-host


I am still asked for a password. Why is that and how can this be fixed?



  • The file permissions of authorized_keys are correct.


  • The following is the result of ssh -v:



    OpenSSH_5.9p1 Debian-5ubuntu1.1, OpenSSL 1.0.1 14 Mar 2012
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: /etc/ssh/ssh_config line 19: Applying options for *
    debug1: Connecting to xxx [xxx] port 22.
    debug1: Connection established.
    debug1: identity file /home/alexander/.ssh/id_rsa type 1
    debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
    debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
    debug1: identity file /home/alexander/.ssh/id_rsa-cert type -1
    debug1: identity file /home/alexander/.ssh/id_dsa type 2
    debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
    debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
    debug1: identity file /home/alexander/.ssh/id_dsa-cert type -1
    debug1: identity file /home/alexander/.ssh/id_ecdsa type -1
    debug1: identity file /home/alexander/.ssh/id_ecdsa-cert type -1
    debug1: Remote protocol version 2.0, remote software version dropbear_0.52
    debug1: no match: dropbear_0.52
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-ctr hmac-md5 none
    debug1: kex: client->server aes128-ctr hmac-md5 none
    debug1: sending SSH2_MSG_KEXDH_INIT
    debug1: expecting SSH2_MSG_KEXDH_REPLY
    debug1: Server host key: RSA XXXX
    debug1: Host 'remote_host' is known and matches the RSA host key.
    debug1: Found key in /home/alexander/.ssh/known_hosts:26
    debug1: ssh_rsa_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: Roaming not allowed by server
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey,password
    debug1: Next authentication method: publickey
    debug1: Offering DSA public key: /home/alexander/.ssh/id_dsa
    debug1: Authentications that can continue: publickey,password
    debug1: Offering RSA public key: /home/alexander/.ssh/id_rsa
    debug1: Authentications that can continue: publickey,password
    debug1: Trying private key: /home/alexander/.ssh/id_ecdsa
    debug1: Next authentication method: password
    user@remote_host's password:







linux ssh authentication




linux ssh authentication






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 8 '13 at 9:35

























asked Nov 8 '13 at 9:05









Alex

1,724154270




1,724154270











  • The log only says that your client has offered the key to the server, but apparently the server didn't accept that, so it reverts to password authentication. the reasons for tjat should be on server side, maybe PubkeyAuthentication or AuthorizedKeysFile aren't set on the server?
    – replay
    Nov 8 '13 at 9:15










  • Permissions on authorized_keys file on remote host?
    – jirib
    Nov 8 '13 at 9:20










  • The permissions on the authorized_keys are correct, and unfortunately I have no log files available I can take a look (because the remote host runs a non-standard linux and is highly configured.). Which file(s) usually contain ssh settings?
    – Alex
    Nov 8 '13 at 9:34






  • 1




    I have found the error: The modes of the overlaying directories where incorrect! After fixing all the permissions and ownerships the passwordless ssh login works. Thanks for the suggestions.
    – Alex
    Nov 8 '13 at 9:52










  • So the .ssh dir must be 600 permission and the files inside 700?
    – Timo
    Jan 23 at 9:55
















  • The log only says that your client has offered the key to the server, but apparently the server didn't accept that, so it reverts to password authentication. the reasons for tjat should be on server side, maybe PubkeyAuthentication or AuthorizedKeysFile aren't set on the server?
    – replay
    Nov 8 '13 at 9:15










  • Permissions on authorized_keys file on remote host?
    – jirib
    Nov 8 '13 at 9:20










  • The permissions on the authorized_keys are correct, and unfortunately I have no log files available I can take a look (because the remote host runs a non-standard linux and is highly configured.). Which file(s) usually contain ssh settings?
    – Alex
    Nov 8 '13 at 9:34






  • 1




    I have found the error: The modes of the overlaying directories where incorrect! After fixing all the permissions and ownerships the passwordless ssh login works. Thanks for the suggestions.
    – Alex
    Nov 8 '13 at 9:52










  • So the .ssh dir must be 600 permission and the files inside 700?
    – Timo
    Jan 23 at 9:55















The log only says that your client has offered the key to the server, but apparently the server didn't accept that, so it reverts to password authentication. the reasons for tjat should be on server side, maybe PubkeyAuthentication or AuthorizedKeysFile aren't set on the server?
– replay
Nov 8 '13 at 9:15




The log only says that your client has offered the key to the server, but apparently the server didn't accept that, so it reverts to password authentication. the reasons for tjat should be on server side, maybe PubkeyAuthentication or AuthorizedKeysFile aren't set on the server?
– replay
Nov 8 '13 at 9:15












Permissions on authorized_keys file on remote host?
– jirib
Nov 8 '13 at 9:20




Permissions on authorized_keys file on remote host?
– jirib
Nov 8 '13 at 9:20












The permissions on the authorized_keys are correct, and unfortunately I have no log files available I can take a look (because the remote host runs a non-standard linux and is highly configured.). Which file(s) usually contain ssh settings?
– Alex
Nov 8 '13 at 9:34




The permissions on the authorized_keys are correct, and unfortunately I have no log files available I can take a look (because the remote host runs a non-standard linux and is highly configured.). Which file(s) usually contain ssh settings?
– Alex
Nov 8 '13 at 9:34




1




1




I have found the error: The modes of the overlaying directories where incorrect! After fixing all the permissions and ownerships the passwordless ssh login works. Thanks for the suggestions.
– Alex
Nov 8 '13 at 9:52




I have found the error: The modes of the overlaying directories where incorrect! After fixing all the permissions and ownerships the passwordless ssh login works. Thanks for the suggestions.
– Alex
Nov 8 '13 at 9:52












So the .ssh dir must be 600 permission and the files inside 700?
– Timo
Jan 23 at 9:55




So the .ssh dir must be 600 permission and the files inside 700?
– Timo
Jan 23 at 9:55










2 Answers
2






active

oldest

votes

















up vote
0
down vote













You will need to cat out the contents to the remote host directory or it will not acknowledge the new key and chmod 700 (not 600) both .ssh directories (local and remote host).



After generating the new keypair, enter the command on the local host cat .ssh/id_rsa.pub | ssh <user>@<remotehost> 'cat >> .ssh/authorized_keys' This will take the output of your authorized keys on your local machine and place it on the remote machine as well. Moreover, you'll need to ensure you have RWX access, and not just RW.






share|improve this answer
















  • 1




    ssh-copy-id does exactly the catting you describe (except for all public keys not just RSA) with some added errorchecking AND setting the permisssions for you.
    – dave_thompson_085
    Jul 7 '16 at 8:23











  • This will take the output of your authorized keys on your local machine: No, you copy the id_rsa.pub file content to authorized_keys on the remote.
    – Timo
    Jan 23 at 9:52


















up vote
-2
down vote













try chmod 0600 ~/.ssh



And make sure your directory permissions are valid.



I have encountered directories of .ssh with ??????? options when doing an ls -l due to restoring from backups.






share|improve this answer




















  • This is incorrect. chmod 0600 ~/.ssh will make it so you can't even cd ~/.ssh anymore. You probably meant chmod 0700 ~/.ssh.
    – dg99
    Nov 8 '13 at 19:15










  • .ssh is chmod 700 and .ssh/authorized_keys chmod 640.
    – GiannakopoulosJ
    Jun 13 '16 at 21:50











Your Answer








StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f99327%2fwhy-is-my-ssh-connection-unauthorized-although-i-have-updated-my-key-on-the-remo%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























2 Answers
2






active

oldest

votes








2 Answers
2






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
0
down vote













You will need to cat out the contents to the remote host directory or it will not acknowledge the new key and chmod 700 (not 600) both .ssh directories (local and remote host).



After generating the new keypair, enter the command on the local host cat .ssh/id_rsa.pub | ssh <user>@<remotehost> 'cat >> .ssh/authorized_keys' This will take the output of your authorized keys on your local machine and place it on the remote machine as well. Moreover, you'll need to ensure you have RWX access, and not just RW.






share|improve this answer
















  • 1




    ssh-copy-id does exactly the catting you describe (except for all public keys not just RSA) with some added errorchecking AND setting the permisssions for you.
    – dave_thompson_085
    Jul 7 '16 at 8:23











  • This will take the output of your authorized keys on your local machine: No, you copy the id_rsa.pub file content to authorized_keys on the remote.
    – Timo
    Jan 23 at 9:52















up vote
0
down vote













You will need to cat out the contents to the remote host directory or it will not acknowledge the new key and chmod 700 (not 600) both .ssh directories (local and remote host).



After generating the new keypair, enter the command on the local host cat .ssh/id_rsa.pub | ssh <user>@<remotehost> 'cat >> .ssh/authorized_keys' This will take the output of your authorized keys on your local machine and place it on the remote machine as well. Moreover, you'll need to ensure you have RWX access, and not just RW.






share|improve this answer
















  • 1




    ssh-copy-id does exactly the catting you describe (except for all public keys not just RSA) with some added errorchecking AND setting the permisssions for you.
    – dave_thompson_085
    Jul 7 '16 at 8:23











  • This will take the output of your authorized keys on your local machine: No, you copy the id_rsa.pub file content to authorized_keys on the remote.
    – Timo
    Jan 23 at 9:52













up vote
0
down vote










up vote
0
down vote









You will need to cat out the contents to the remote host directory or it will not acknowledge the new key and chmod 700 (not 600) both .ssh directories (local and remote host).



After generating the new keypair, enter the command on the local host cat .ssh/id_rsa.pub | ssh <user>@<remotehost> 'cat >> .ssh/authorized_keys' This will take the output of your authorized keys on your local machine and place it on the remote machine as well. Moreover, you'll need to ensure you have RWX access, and not just RW.






share|improve this answer












You will need to cat out the contents to the remote host directory or it will not acknowledge the new key and chmod 700 (not 600) both .ssh directories (local and remote host).



After generating the new keypair, enter the command on the local host cat .ssh/id_rsa.pub | ssh <user>@<remotehost> 'cat >> .ssh/authorized_keys' This will take the output of your authorized keys on your local machine and place it on the remote machine as well. Moreover, you'll need to ensure you have RWX access, and not just RW.







share|improve this answer












share|improve this answer



share|improve this answer










answered Jul 7 '16 at 4:21









SomeGuy

212112




212112







  • 1




    ssh-copy-id does exactly the catting you describe (except for all public keys not just RSA) with some added errorchecking AND setting the permisssions for you.
    – dave_thompson_085
    Jul 7 '16 at 8:23











  • This will take the output of your authorized keys on your local machine: No, you copy the id_rsa.pub file content to authorized_keys on the remote.
    – Timo
    Jan 23 at 9:52













  • 1




    ssh-copy-id does exactly the catting you describe (except for all public keys not just RSA) with some added errorchecking AND setting the permisssions for you.
    – dave_thompson_085
    Jul 7 '16 at 8:23











  • This will take the output of your authorized keys on your local machine: No, you copy the id_rsa.pub file content to authorized_keys on the remote.
    – Timo
    Jan 23 at 9:52








1




1




ssh-copy-id does exactly the catting you describe (except for all public keys not just RSA) with some added errorchecking AND setting the permisssions for you.
– dave_thompson_085
Jul 7 '16 at 8:23





ssh-copy-id does exactly the catting you describe (except for all public keys not just RSA) with some added errorchecking AND setting the permisssions for you.
– dave_thompson_085
Jul 7 '16 at 8:23













This will take the output of your authorized keys on your local machine: No, you copy the id_rsa.pub file content to authorized_keys on the remote.
– Timo
Jan 23 at 9:52





This will take the output of your authorized keys on your local machine: No, you copy the id_rsa.pub file content to authorized_keys on the remote.
– Timo
Jan 23 at 9:52













up vote
-2
down vote













try chmod 0600 ~/.ssh



And make sure your directory permissions are valid.



I have encountered directories of .ssh with ??????? options when doing an ls -l due to restoring from backups.






share|improve this answer




















  • This is incorrect. chmod 0600 ~/.ssh will make it so you can't even cd ~/.ssh anymore. You probably meant chmod 0700 ~/.ssh.
    – dg99
    Nov 8 '13 at 19:15










  • .ssh is chmod 700 and .ssh/authorized_keys chmod 640.
    – GiannakopoulosJ
    Jun 13 '16 at 21:50















up vote
-2
down vote













try chmod 0600 ~/.ssh



And make sure your directory permissions are valid.



I have encountered directories of .ssh with ??????? options when doing an ls -l due to restoring from backups.






share|improve this answer




















  • This is incorrect. chmod 0600 ~/.ssh will make it so you can't even cd ~/.ssh anymore. You probably meant chmod 0700 ~/.ssh.
    – dg99
    Nov 8 '13 at 19:15










  • .ssh is chmod 700 and .ssh/authorized_keys chmod 640.
    – GiannakopoulosJ
    Jun 13 '16 at 21:50













up vote
-2
down vote










up vote
-2
down vote









try chmod 0600 ~/.ssh



And make sure your directory permissions are valid.



I have encountered directories of .ssh with ??????? options when doing an ls -l due to restoring from backups.






share|improve this answer












try chmod 0600 ~/.ssh



And make sure your directory permissions are valid.



I have encountered directories of .ssh with ??????? options when doing an ls -l due to restoring from backups.







share|improve this answer












share|improve this answer



share|improve this answer










answered Nov 8 '13 at 10:32









user2927304

1




1











  • This is incorrect. chmod 0600 ~/.ssh will make it so you can't even cd ~/.ssh anymore. You probably meant chmod 0700 ~/.ssh.
    – dg99
    Nov 8 '13 at 19:15










  • .ssh is chmod 700 and .ssh/authorized_keys chmod 640.
    – GiannakopoulosJ
    Jun 13 '16 at 21:50

















  • This is incorrect. chmod 0600 ~/.ssh will make it so you can't even cd ~/.ssh anymore. You probably meant chmod 0700 ~/.ssh.
    – dg99
    Nov 8 '13 at 19:15










  • .ssh is chmod 700 and .ssh/authorized_keys chmod 640.
    – GiannakopoulosJ
    Jun 13 '16 at 21:50
















This is incorrect. chmod 0600 ~/.ssh will make it so you can't even cd ~/.ssh anymore. You probably meant chmod 0700 ~/.ssh.
– dg99
Nov 8 '13 at 19:15




This is incorrect. chmod 0600 ~/.ssh will make it so you can't even cd ~/.ssh anymore. You probably meant chmod 0700 ~/.ssh.
– dg99
Nov 8 '13 at 19:15












.ssh is chmod 700 and .ssh/authorized_keys chmod 640.
– GiannakopoulosJ
Jun 13 '16 at 21:50





.ssh is chmod 700 and .ssh/authorized_keys chmod 640.
– GiannakopoulosJ
Jun 13 '16 at 21:50


















draft saved

draft discarded
















































Thanks for contributing an answer to Unix & Linux Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.





Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


Please pay close attention to the following guidance:


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f99327%2fwhy-is-my-ssh-connection-unauthorized-although-i-have-updated-my-key-on-the-remo%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown






-

Popular posts from this blog

How to check contact read email or not when send email to Individual?

Image
Clash Royale CLAN TAG #URR8PPP up vote 1 down vote favorite I'm using WordPress 4.9.8, CiviCRM to 5.5.1, I usually send email to contact by Search> Find contacts View contact details Action> Send email Send email ok, Contact received mail ok like picture But status only Email sent though contact read email or not. So, can CiviCRM can change status to Email read when contact read email? wordpress email share | improve this question asked Sep 26 at 0:12 ToanLuong 49 9 add a comment  |  up vote 1 down vote favorite I'm using WordPress 4.9.8, CiviCRM to 5.5.1, I usually send email to contact by Search> Find contacts View contact details Action> Send email Send email ok, Contact received mail ok like picture But status only Email sent though contact read email or not. So, can CiviCRM can change status to Email read when contact read email? wordpress email share | improve this question asked Se
Read more

Bahrain

Image
For other uses, see Bahrain (disambiguation). Sovereign island state in the Persian Gulf Kingdom of Bahrain مملكة البحرين   (Arabic) Mamlakat al-Baḥrayn Flag Coat of arms Anthem:  نشيد البحرين الوطني Bahrainona Our Bahrain Location of   Bahrain    (circled in red) Capital and largest city Manama 26°13′N 50°35′E  /  26.217°N 50.583°E  / 26.217; 50.583 Official languages Arabic Ethnic groups (2010 [1] ) 50.7% Arab (46% Bahrani, 4.7% other Arabs) 45.5% Asian 1% European 1.2% Others Religion Islam Demonym(s) Bahraini Government Unitary constitutional monarchy • King Hamad bin Isa Al Khalifa • Crown Prince Salman bin Hamad bin Isa Al Khalifa • Prime Minister Khalifa bin Salman Al Khalifa Legislature National Assembly • Upper house Consultative Council • Lower house Council of Representatives Independence • Declared Independence [2] 14 August 1971 • from United Kingdom [1] 15 August 1971 • Admitted to the United Nations 21 September 1971 • Kingdom of Bahrain 14 February 2002
Read more

Postfix configuration issue with fips on centos 7; mailgun relay

Image
Clash Royale CLAN TAG #URR8PPP up vote 0 down vote favorite I am trying to setup postfix to relay all mail generated on the local machine via SMTP to a mailgun relay. I have used the mailgun relay before with success on an ubuntu server, but I am migrating to a Centos 7 server which I will be running in FIPS mode. There error log is below, slightly sanitized. I have a small enough network that I choose to have each machine reach out to mailgun individually (this the loopback-only, 127.0.0.0/8 restrictions) and no firewall open port allowing smtp in to the machine. I assume the FIPS mode (and with it disabling of MD5) is causing problems, but I don't know how to overcome it or if it is even possible for tls_fprint to use some supported hash such as sha256 or sha512. However, the relay=none is slightly concerning since I have relayhost set, but perhaps that is because the smtp process is failing? Any help would be appreciated! postconf -n: alias_database = hash:/etc/alia
Read more