By kycalica
Rebuilt an image and now I can’t login into my instance!
my /etc/hosts file has my ip address under howlit
Here is my output from: ssh -vv root@howlit
debug1: Host 'howlit' is known and matches the ECDSA host key.
debug1: Found key in /Users/kyle.calica-steinhil/.ssh/known_hosts:40
Warning: Permanently added the ECDSA host key for IP address 'XXX.XX.XX.XXX' to the list of known hosts.
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /Users/kyle.calica-steinhil/.ssh/id_rsa (0x7fe5a8500950),
debug2: key: /Users/kyle.calica-steinhil/.ssh/id_dsa (0x0),
debug2: key: /Users/kyle.calica-steinhil/.ssh/id_ecdsa (0x0),
debug2: key: /Users/kyle.calica-steinhil/.ssh/id_ed25519 (0x0),
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/kyle.calica-steinhil/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey
debug1: Trying private key: /Users/kyle.calica-steinhil/.ssh/id_dsa
debug1: Trying private key: /Users/kyle.calica-steinhil/.ssh/id_ecdsa
debug1: Trying private key: /Users/kyle.calica-steinhil/.ssh/id_ed25519
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey).
Changed anything with my IP address to ‘XXX.XX.XX.XXX’
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
In my case there was a problem with directory permissions. Check this out
/home
drwxr-xr-x. 9 root root 113 Jun 28 22:57 home
and then your home directory:
drwxr----- 5 user group 124 May 18 17:00 user
drwx------ 2 user group 29 May 18 12:05 .ssh
-rw------- 1 user group 2235 Jun 28 23:09 authorized_keys
Troubleshooting
- start sshd in debug mode
service sshd stop
run sshd debug mode:
/usr/sbin/sshd -ddd
my error messages
...
debug1: trying public key file /home/USER/.ssh/authorized_keys
debug1: Could not open authorized keys '/home/USER/.ssh/authorized_keys': Permission denied
...
<^>You can take look at SSH keys tutorial for steps. You will need to copy it manually as ssh-copy-id is not available via Console. You can temporary enable password authentication. Open SSH config:
sudo nano /etc/ssh/sshd_config
Find out PasswordAuthentication to yes:
PasswordAuthentication yes
Save file and exit editor. It requires you to restart SSH service:
sudo systemctl restart sshd
<^> This works! Thanks
I had the same problem, and after 4-5 hours I realize the problem and found the solution.
I’m not sure about the reason, but the server only allows keys with 1024 bytes. You can:
- create a 1024 key locally:
ssh-keygen -t rsa -b 1024 -N "" -f ~/.ssh/id_rsa_docean - add it to the keys in your profile
- use it to create the droplet
- use it to login:
ssh root@YOUR_IP -i id_rsa_docean
Because of another bug, maybe using more than 1 key may fail because the authorized_keys may corrupt.
I’d love to know why those two problems: the authorized_keys mess and the size limit in the key.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.