Question

Permission denied (publickey)

Posted January 2, 2020 1.3k views
Ubuntu 18.04

Yesterday i was connected to my droplet via SSH as usual, doing my work.
Then i has issues with zsh so i removed it to use the default console:

sudo apt-get --purge remove zsh

Then I exited and now I can’t connect anymore.

Via SSH I get the “permission denied” error.
Via web console it looks like the login worked (I see the welcome screen for a second), and then it goes back to the login screen again.

Right now i have no way to log in. I tried re-adding the SSH key via dashboard and it says that the SSH key is already installed, so that’s not the problem (but i knew it).

I believe that after removing zsh now i don’t have a default shell.

What could I do??

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
6 answers

Hey @stesvis just so I understand more, you deleted zsh from your machine (client)

If you readd a key via the dashboard, it does not add it to the server. You can make a snapshot, then start a new server from that snapshot and select your key. Or you can use recovery boot to add your SSH key to the file system. I can go into more details if you wish.

However, I don’t think you would have deleted your local key? Whats inside your client machines ~/.ssh folder?

If you ssh with -vvv you will see more details with what its attempting to do with authentication.

Regards

Simon
SnapShooter DigitalOcean Backups

@snapshooter yes please advise on how to recover.

In my client .ssh folder i have the idrsa public and private keys.
If I go to My Account, Security and click on Add SSH Key i can paste my public key from the local machine but then it says that the key is already registered on the authorized
keys file on the server.

And i am not surprised because i was connected 2 minutes before via SSH.

I had zsh installed on the server, but it had issues so i wanted to remove it and go back to the default bash.

I removed zsh from the server without setting the default bash first, and i believe this is the beginning of all my issues right now.

@snapshooter I ran ssh with the -vvv parameter and posted the response, but it was marked as spam.

@snapshooter why adding the SSH key again?
As the dashboard says, it’s already in the authorized_keys file.

Sorry, here’s the gist
https://gist.github.com/stesvis/ca3edb99b8874c9171572c7614bae8aa

@snapshooter so i did what you suggested:

  1. Created a snapshot of my droplet
  2. Created a droplet from that snapshot
  3. Imported my existing SSH Keys

The I tried to connect to that new droplet and I get the same result:


$ ssh root@138.197.166.58
The authenticity of host ‘138.197.166.58 (138.197.166.58)’ can’t be established.
ECDSA key fingerprint is SHA256:0aoXC4P69niNy1KVcmvEo/78Vx38Vwv7ki5yRL9+mwE.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '138.197.166.58’ (ECDSA) to the list of known hosts.

root@138.197.166.58: Permission denied (publickey).

The I launched the web console and I got the login screen:
https://snipboard.io/jCHNJR.jpg

I entered the username and password.
For a second I saw this. I only had like 1 sec to take a screenshot:
https://snipboard.io/1fkA8e.jpg

And immediately it went back to here again:
https://snipboard.io/jCHNJR.jpg

I am out of options, I really don’t know how to recover this…

@snapshooter Now I created a new droplet (NOT from snapshot), and I can connect regularly with the same keys.

So there is not an issue with SSH keys. I don’t know how to troubleshoot that droplet now. I believe it’s because it does not have a default bash anymore.

  • @stesvis I think you’re going to have to boot into recovery mode.

    When you’re in recovery mode, mount the filesystem, then edit /mnt/etc/passwd
    Look for the root line and see what bash is setup.

    Should be something like

    root:x:0:0:root:/root:/bin/bash
    
Submit an Answer