bjorgvin
By:
bjorgvin

permission denied after creating droplet using ssh keys

October 15, 2015 11.3k views
Security PostgreSQL Nginx Ruby on Rails Ubuntu

I created a new droplet using "Ruby on Rails on 14.04" and added SSH keys in stead of using root password. When I tried connecting through ssh I got these results :(

$ ssh xxx.xxx.xx.xxx
pc@xxx.xxx.xx.xxx's password: *************
Permission denied, please try again.
pc@xxx.xxx.xx.xxx's password: 

Then I tried:

$ ssh root@xxx.xxx.xx.xxx
root@xxx.xxx.xx.xxx's password: 
Permission denied, please try again.
root@xxx.xxx.xx.xxx's password: 

Then I tried:

$ ssh -i /path/to/.ssh/id_rsa_private_key root@xxx.xxx.xx.xxx
root@xxx.xxx.xx.xxx's password: 
Permission denied, please try again.
root@xxx.xxx.xx.xxx's password: 

I'm not sure what to do at this point ... can you help me?

4 comments
  • Hmm, I feel like this happened to me a while back too. If your client machine is running Linux you may want to double check the permission settings for the key. You may want to check out this tutorial if you are having key permission problems, but it doesn't look like you are having those issues.
    [http://www.howtogeek.com/168119/fixing-warning-unprotected-private-key-file-on-linux/](http://)

    I made the silly mistake once of not using the right key, and that obviously didn't work. You may want to double check it. Finally, as a worst case scenario I believe that you can go to the Digital Ocean Control Panel for your Droplet and under "Access" I believe that you can click reset root password and it should restore it.

    Hope This Helps!
    Have a Great Day!

  • Hi, again...

    Just started all over with a new droplet and new ssh key making sure I had the permissions correct like stated in http://www.howtogeek.com/168119/fixing-warning-unprotected-private-key-file-on-linux/

    I still have the same problem; what user should I be connecting as when doing ssh? should I be doing

    $ ssh root@xxx.xxx.xx.xxx
    

    or just

    $ ssh xxx.xxx.xx.xxx
    

    And since I have password protected my private key I guess that is the password being asked for, right? In my public key file id_rsa.pub I have my public key and all the way in the end there is a, mmmmm user?, something like mypc@mypc .. what role does that play in all of this?

    thank you for all the help.

  • This was driving me nuts! NUTS! But this should help you...

    BEFORE you try to SSH into server type:

    1. eval `ssh-agent -s`
    2. ssh-add ~/.ssh/id_rsa where id_rsa is the file with your ssh key (this is the default version so chances are yours is the same. If not, change it.
    3. ssh root@xxx.xxx.xxx and hopefully no password required Needed them to log on. (From Tutorial https://www.digitalocean.com/community/tutorials/how-to-connect-to-your-droplet-with-ssh)
  • I am having a similar problem I tried following the instructions above with no luck. I killed the first droplet and started everything from scratch, followed all the instructions in the Tutorial and still no luck. ssh is just not working. Any suggestions?

4 Answers

This was driving me nuts! NUTS! But this should help you...

BEFORE you try to SSH into server type into Command Line:

eval ssh-agent -s
ssh-add ~/.ssh/id_rsa where id_rsa is the file with your ssh key (this is the default version so chances are yours is the same. If not, change it.
ssh root@xxx.xxx.xxx and hopefully no password required Needed them to log on. (From Tutorial https://www.digitalocean.com/community/tutorials/how-to-connect-to-your-droplet-with-ssh)

I've found that using the web console and pressing # on my keyboard actually inputs a 3!

This caused me all sorts of headaches as my password contained a # and I couldn't do much out of the web console because it threw login errors.

PuTTY works a treat if you need hashtags!

Wordpress on 14.04

DSA keys are not accepted by default anymore on newest Ubuntus. This might be your case. If you have id_dsa keys, you need to replace them by RSA keys. Ubuntu 16.04 uses OpenSSH 7.x, which does not allow these DSA keys due to their security issues. This issue almost drove me crazy, because I had not experienced any issues before when connecting to my droplets with ssh.

See:

I faced the same problem when I used only
ssh root@server_ip

then I solved the problem by the using in the following format:

ssh -o "IdentitiesOnly yes" -i ~/.ssh/yourprivate_id root@server-ip

  • What is "yourprivate_id" ?

    • here 'yourprivateid' means your private SSH key id. For example, idrsa is called private ssh id when ssh key is generated without any name and id_rsa.pub is the public key that we save in the server or digital ocean admin panel to authenticate our access using our private key, that is generally saved in ~/.ssh/ directory.

      I am not very good at explaining. if you want to learn more about ssh then you can read from the below link, and I also learnt from the below link. :)

      https://serversforhackers.com/video/creating-and-using-ssh-keys

      thanks.

Have another answer? Share your knowledge.