Note from DigitalOcean Community team: The user @intalix has provided a popular answer to this question here: https://www.digitalocean.com/community/questions/error-permission-denied-publickey-when-i-try-to-ssh?comment=169562
Recently I threw out my old linux laptop and set everything up again in my new laptop. The only trouble I have now is not being able to log in to my DO instance via ssh. This instance had one ssh key setup before and in the sshd config it had permitrootlogin set to no. So I created a new ssh key to be able to login from this new laptop.
$ ssh-keygen -t rsa -C "gitlab" -b 4096
Then added the public key this to the instance. Now I try to login
$ ssh user@server
I get asked password for this user. I am able to login using the password. This isn’t how I was logging in before. I used to type my ssh passphrase. So I thought this may be because this is a new key and I disabled password authentication in sshd config. After this, I get the error
$ ssh user@server
Permission denied (publickey)
I checked online and set the permission to .ssh folder to 700. Still I get the same error. I can access the online console of the instance, but don’t know what to do.
How do I resolve this?
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Accepted Answer
The issue is within your sshd_config file.
Here is the ULTIMATE solution to this issue:
-
Log as root to your Ubuntu server
-
Use vim or nano to edit the contents of
/etc/ssh/sshd_configEg.vi /etc/ssh/sshd_configornano /etc/ssh/sshd_config -
Now go to the very bottom of the file (to the line with
PasswordAuthentication) - Change the value next toPasswordAuthenticationfromnotoyes. It should now look like this:
# Change to no to disable tunnelled clear text passwords
PasswordAuthentication yes
- Save the file and then run the following command to reload the SSH config:
sudo service sshd reload
With this done, you can now set up your new SSH key for your LOCAL device. To do this, you can run the following from your LOCAL device, not the server:
ssh-copy-id username@droplet.ip
(Make sure to replace username with your username on the droplet and droplet.ip with the full IP address of your droplet)
With this done, you should be good to go, connecting with SSH keys!
Hi, just solve this issue with the same method above.
- open with web UI console
- wget https://xxxxxxx
- cat id_rsa.pub > .ssh/authorized_keys
There seems to be some problem with the setup of Droplet.
The .ssh/authorized_keys wasn’t correct originally.
The “vim -d id_rsa.pub .ssh/authorized_keys” said they are different.
then do the third command.
and everything works.
hope this helps.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.