Power up with new SaaS Add-Ons from the DigitalOcean Marketplace

Related

My website is unresponsive! What do I do?
Question
Anybody who has set up Postfix/Dovecot with TLS?
Question

Question

After enabling Public Key Authentication, I can still log in without from other machine

Hi, I just enabled public key authentication on my Ubuntu 15.10 x64 droplet - and indeed, next time I logged in from my machine (called “nas2”), I was prompted to enter the pass-phrase. I then proceeded to log in from another machine (my laptop) - same user, same Ubuntu server - and I could still log in from my laptop with simple user-password authentication - no private key available on that machine.

I assume that is not supposed to happen? That defeats the purpose of having that extra layer of authentication of it can be bypassed like that?

I followed the steps in this tutorial: https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-14-04 - “Step Four — Add Public Key Authentication”

Subscribe
Share
Jonas EllehaugeNovember 3, 2015

Great, thanks for your help mate! Will try that!

Brook ShelleyNovember 3, 2015

You will want to generate a new key on your laptop, then send it to NAS2, and have that computer place it in the authorized_keys folder.

Jonas EllehaugeNovember 2, 2015

Thanks a lot! Now that leads to the next question: Now that I can only log in from this particular machine (nas2) which has the private key stored - how do I go about authenticating another device, such as my laptop? Can I simply copy the file with the private key from nas2 to the other device? Or would I have to create a new private + public key on the laptop, then proceed to add the new public key to the server - which I probably can’t do using ssh-copy-id because I can’t login with ssh before it is uploaded?

tellingNovember 2, 2015

You’ve enabled public key auth, but that doesn’t automaticly disable password login. To do so you need to change PasswordAuthentication yes to PasswordAuthentication no.

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Andrew SBJune 10, 2016

This question was answered by @telling:

You’ve enabled public key auth, but that doesn’t automaticly disable password login. To do so you need to change PasswordAuthentication yes to PasswordAuthentication no.

View the original comment

Join the DigitalOcean CommunityCommunity

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner

Related

My website is unresponsive! What do I do?
Question
Anybody who has set up Postfix/Dovecot with TLS?
Question
Join the DigitalOcean CommunityCommunity

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner