Question

connect to server with SSH private key

Posted May 2, 2017 10.3k views
SecurityDebian

I have two droplets. One with Nginx where my webapp is running and one for MySQL. Both have a private IP address. I have installed both droplets and software. Now i’m securing the MySQL droplet. I only want to connect with SSH through my Nginx droplet.

I created a DSA key (private and public) with putty-keygen and added the public key in my DigitalOcean. When I created both droplets, I picked that public key. With Putty, I can connect to both droplets. The key is protected with a passphrase.

Then I uploaded my private key on my Nginx droplet in /home/agromedi/.ssh/id_rsa

When I login as the agromedi user and I want to connect to SSH. I use the private IP of the MySQL droplet and connect like this:

ssh root@10.129.33.50

Then it asked for my passphrase. I enter it and then it asked it again and again and then I get “Permission denied (publickey)”. The rights on the file are 600 (I tried 400 also but nope).
I renamed the file to id_dsa. Nothing worked. With the -vvv option, I get more info that the passphrase is wrong. But I use the same private key on Putty with the same passphrase.... Or is the keyboard wrong in my console? Or maybe I’m doing something wrong?

Thanks

2 comments
  • Hi @stijnleenknegt Can you open nano or another simple text editor on your Nginx-droplet and try to write the passphrase - just to make sure it’s not a problem with keyboard charset.

  • Opened nano and I use my numpad to enter the numeric values. They didn’t show up in nano but on the keyboard with Shift key, I can enter numeric values. (I use AZERTY lay-out on my keyboard). I used it again with the Shift but still te same result.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers

@stijnleenknegt
Okay, it has probably something to do with that keyboard charset. In you passphrase, besides 0 to 9, are you only using a to z or are you also using symbols and local characters?
I don’t know if it is your keyboard or the charset on the server that complicates this.

  • The chars ’<’ and ’_’ are in the passphrase also. It’s strange because I have to use the same passphrase when I login to my Nginx droplet with Putty.

    • I’m wondering. Are you using the PPK format that PuTTY generates by default or are you converting the key to PEM format before uploading to server?
      It needs to be PEM format - you can use puttygen to convert it.

I created a key on my nginx with the same passphrase and appended the public key to my authorized_keys on my database droplet. Then I tried the ssh command again, it asked for my passphrase. And that works. The passphrase is the same..... Maybe I should created my keys with ssh-keygen instead of the putty key-gen.

Submit an Answer