Question

Cannot root login via SSH to Centos 7 on Digitalocean anymore

Hi I had set up SSH login to my Centos droplet and disabled login via a password. It has been working fine for a year. I haven’t ssh’ed into the droplet for a few months and now when I try to I get an error - “Permission Denied”. The machine I connect from hasn’t changed. The keys from the Windows 10 machine I connect from were previously installed on the droplet and worked fine for a year. I guess I’m locked out of the droplet now. But my main question is: why did this happen and how do I make sure it does not happen in the future?


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

The problem is this!

/var/log/messages:Dec 28 05:42:37 tor1 sshd: /etc/ssh/sshd_config: Permission denied

I have this EXACT same issue w/ CentOS7! I will have to change my droplet to Ubuntu or Fedora.

THIS IS NOT ACCEPTABLE!

SSH works ONLY in the recovery environment - the SSHD process isn’t even running when powered up (tested via nmap)

Thank you for your response. I’m using Windows 10 ubuntu bash. I still cannot gain access to the droplet. I have also verified that public key in /home/alex/.ssh/id_rsa.pub is registered on digitialocean SSH Keys. Again, it was working a few months ago and I haven’t made any changes.

Here is what I get when trying to ssh

OpenSSH_7.2p2 Ubuntu-4ubuntu2.2, OpenSSL 1.0.2g 1 Mar 2016 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: Connecting to 204.48.25.76 [204.48.25.76] port 22. debug1: Connection established. debug1: identity file /home/alex/.ssh/id_rsa type 1 debug1: key_load_public: No such file or directory debug1: identity file /home/alex/.ssh/id_rsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/alex/.ssh/id_dsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/alex/.ssh/id_dsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/alex/.ssh/id_ecdsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/alex/.ssh/id_ecdsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/alex/.ssh/id_ed25519 type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/alex/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.2 debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4 debug1: match: OpenSSH_7.4 pat OpenSSH* compat 0x04000000 debug1: Authenticating to 204.48.25.76:22 as ‘root’ debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: curve25519-sha256@libssh.org debug1: kex: host key algorithm: ecdsa-sha2-nistp256 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ecdsa-sha2-nistp256 SHA256:SR/xqDyLwnjPxx3/zW2PZ6dgjLP+Jqcou/kcHRCn66o debug1: Host ‘204.48.25.76’ is known and matches the ECDSA host key. debug1: Found key in /home/alex/.ssh/known_hosts:6 debug1: rekey after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: rekey after 134217728 blocks debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_EXT_INFO received debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512> debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic debug1: Next authentication method: gssapi-keyex debug1: No valid Key exchange context debug1: Next authentication method: gssapi-with-mic debug1: Unspecified GSS failure. Minor code may provide more information No Kerberos credentials available

debug1: Unspecified GSS failure. Minor code may provide more information No Kerberos credentials available

debug1: Unspecified GSS failure. Minor code may provide more information

debug1: Unspecified GSS failure. Minor code may provide more information No Kerberos credentials available debug2: we did not send a packet, disable method debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Offering RSA public key: /home/alex/.ssh/id_rsa debug3: send_pubkey_test debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 60 debug1: Server accepts key: pkalg rsa-sha2-512 blen 279 debug2: input_userauth_pk_ok: fp SHA256:KJrwF9jZnErKFdVEq4OUbaaZqNUTgzwhC+wZow3Mx7U debug3: sign_and_send_pubkey: RSA SHA256:KJrwF9jZnErKFdVEq4OUbaaZqNUTgzwhC+wZow3Mx7U debug3: send packet: type 50 debug3: receive packet: type 51 debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic debug1: Trying private key: /home/alex/.ssh/id_dsa debug3: no such identity: /home/alex/.ssh/id_dsa: No such file or directory debug1: Trying private key: /home/alex/.ssh/id_ecdsa debug3: no such identity: /home/alex/.ssh/id_ecdsa: No such file or directory debug1: Trying private key: /home/alex/.ssh/id_ed25519 debug3: no such identity: /home/alex/.ssh/id_ed25519: No such file or directory debug2: we did not send a packet, disable method debug1: No more authentication methods to try. Permission denied (publickey,gssapi-keyex,gssapi-with-mic).