Question

Permission denied (publickey). I cannot figure this out, please help.

Posted July 13, 2017 13.6k views
UbuntuServer Optimization

Trying to ssh into my newly created droplet and I cannot for the life of me figure out how to solve this error I’m getting after successfully creating my key pair on my local machine:

Permission denied (publickey).

I have chmod 700 my /.ssh folder, and I have chmod 644 my /.ssh

Still the same error, hopefully someone can help me solve this.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers

@sshjerk

To enable public key authentication you must do the following:

1- On your local machine, create a ssh key par with ssh-keygen.
2- Copy your public key to the server using ssh-copy-id <username>@<server ip>
3- Then you can login using ssh <username>@<server ip>

Hope this helps.

@sshjerk

You should only need to setup .ssh for individual users. The root user already has this directory on Ubuntu – ~/.ssh – and it’s permissions are already set.

So what you need to do depends on who you’re trying to set the SSH Key up for.

For root, you’d generate a key pair locally and add the public key to ~/.ssh/authorized_keys. You’d then use the private key to log in.

For example, I’m on MacOS, so I’d open up Terminal and run:

ssh-keygen -a 500 \
           -b 4096 \
           -C "" \
           -E sha256 \
           -o \
           -t rsa

From there, I’ll be prompted to set a location for storing the keys generated by the command, so I’ll provide a path and name. You’ll then be prompted for a passphrase and asked to confirm.

Once the key is saved locally, you can then cat it locally and then copy and paste it to the server or us the ssh-copy-id command. I normally copy and paste :-).

If you’re setting up SSH Keys for non-root users, you need to make sure the user is setup properly.

mkdir -p /home/mynewuser/.ssh
touch /home/mynewuser/.ssh/authorized_keys
useradd -d /home/mynewuser mynewuser
chmod 700 /home/mynewuser/.ssh
chmod 644 /home/mynewuser/.ssh/authorized_keys
chown -R /home/mynewuser
chown root:root /home/mynewuser

Now that the new user is setup, you can copy the public key to the users authorized_keys file.

The public key doesn’t need to exist anywhere other than in the authorized_keys file on the Droplet. The private key should not be uploaded at all, instead, only used locally to connect.

  • hello,

    i am a very beginner in all these stuff, when i was trying to setup my discourse , i am having this error i tried to read all this and i honestly have no idea at all in what you guys are saying.

    can u help me installing it pls

Submit an Answer