Question
Can't login into new instance Permission Denied (publickey)
- Posted on November 4, 2016
- Linux BasicsUbuntu 16.04
Asked by kycalica
Rebuilt an image and now I can’t login into my instance!
my /etc/hosts file has my ip address under howlit
Here is my output from: ssh -vv root@howlit
debug1: Host 'howlit' is known and matches the ECDSA host key.
debug1: Found key in /Users/kyle.calica-steinhil/.ssh/known_hosts:40
Warning: Permanently added the ECDSA host key for IP address 'XXX.XX.XX.XXX' to the list of known hosts.
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /Users/kyle.calica-steinhil/.ssh/id_rsa (0x7fe5a8500950),
debug2: key: /Users/kyle.calica-steinhil/.ssh/id_dsa (0x0),
debug2: key: /Users/kyle.calica-steinhil/.ssh/id_ecdsa (0x0),
debug2: key: /Users/kyle.calica-steinhil/.ssh/id_ed25519 (0x0),
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/kyle.calica-steinhil/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey
debug1: Trying private key: /Users/kyle.calica-steinhil/.ssh/id_dsa
debug1: Trying private key: /Users/kyle.calica-steinhil/.ssh/id_ecdsa
debug1: Trying private key: /Users/kyle.calica-steinhil/.ssh/id_ed25519
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey).
Changed anything with my IP address to ‘XXX.XX.XX.XXX’
Submit an answer
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Make sure you didn’t changed private key any time after creating Droplet. If you used one key on Droplet creation, and changed it (even in Control Panel), the original one key will be used.
To debug this, you can use DigitalOcean Web Console. Login to Control Panel, select your Droplet and click Console on right side. If you have non-root user, use it in combination with password and you will be able to login. If you have root user only and don’t have password, you can use Reset Root Password from ‘Access’ option of Droplet details. It’ll be mailed to your password and you can login with it via Console. Probably you will have to change it on first login, you will be first asked for current password then 2 times for new one.
You can take look at SSH keys tutorial for steps. You will need to copy it manually as
ssh-copy-idis not available via Console. You can temporary enable password authentication. Open SSH config:Find out
PasswordAuthenticationtoyes:Save file and exit editor. It requires you to restart SSH service:
After this you can use SSH with password to debug. Once public key starts to work, make sure
PasswordAuthenticationis set tonoand restart service to disable password logins.In my case there was a problem with directory permissions. Check this out
/home
and then your home directory:
Troubleshooting
run sshd debug mode:
my error messages
<^>You can take look at SSH keys tutorial for steps. You will need to copy it manually as ssh-copy-id is not available via Console. You can temporary enable password authentication. Open SSH config:
Find out PasswordAuthentication to yes:
Save file and exit editor. It requires you to restart SSH service:
<^> This works! Thanks