Question
PuTTY + ssh - "server refused our key"
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
×These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
×This fixed my problem, thank you!
For whatever reason my /root directory was showing the owner as
drwx—— 9 113 117 4096 Mar 25 07:52 root
Hi,
I was having a same problem, I read a few tutorials here in DO and I believe I know what the problem was.
My step was: create a new droplet (brand new account / droplet), not using any key and THEN generate a key after the droplet created.
The problem was, the key was not automatically assigned to the droplet (I read this on one of the tutorials). It is possible to assign the key into an existing droplet (again, read on tutorial) but I didn’t use that solution.
My solution: I deleted the key from DO’s record, delete the droplet (luckily it was still empty) and then create a new droplet, but this time, using the key since the beginning (when it was asked during droplet’s creation, whether we want to use a key or not). Basically just start from scratch, but this time I “rearranged” the steps. I was using the same key, there was a pop up saying that this key already cached but on different droplet (something along that line), hit yes, and everything works.
Just a suggestion, DO should warn the user regarding this issue. Well.. I don’t really think that this is an issue / bug, but.. I think it’d be nice to know this since the beginning. For example, on this tutorial:
On this part “Step Seven-Select SSH Keys (Optional)” >> It should be clear that it would take more, extra effort if we choose to create a key later (manually assign it to the droplet).
Again, just a suggestion. HTH
I thought the same and it is really caused by that. I removed the droplet and create another new one and assign public key to it. Then the SSH connection just works without password.
Agreed, I was facing the same issue doing everything from scratch and adding the keys in the beginning worked. Thanks!
If someone is here from BITHOST.io (Powered by Digital Ocean) - I had the same problem.
After minutes trying to connect, So I just deleted the current servername and created SSH key and then server using this ssh key that I created before.
“Success”
thanks.
Yes, that is the problem. the key you create after the droplet creation is not associated to that droplet so it cannot work. create the kay whn you choose your droplet configuration
CORE OS Solution:
If using coreos set the username ‘core’ instead of 'root’.
Once you’ve logged in you can use 'sudo -i’ to become root.
Digital Ocean needs to improve these tutorials. Digital Ocean needs to improve them not their customers. Your customer’s follow them only to learn that they lack detail, skip steps, or just plain suck. It leads to a lot of non-value adding activity.
Seriously. It’s really frustrating. Especially, when you still can’t get it to work after following users’ suggestions destroying and recreating droplets. I even tried creating the file known-hosts from the root directory in my user directory to no avail.
Digital Ocean needs to put in their dashboard a note saying that the SSH keys must be created prior to creating a new droplet! I wasted way too much time trying to get this to work and its even worse when you got a droplet already created and apps setup.
Here’s what I did for those who need help on this issue. I used Mobaxterm and generated SSH keys at the local terminal.
ssh-keygen -t rsa (accept all defaults)
cd /home/mobaxterm/.ssh
cat id_rsa.pub
Copy and paste the output into Add SSH form box
Create SSH session w/advanced settings pointing at private key
Create SFTP session w/advanced settings pointing at private key
To determine folder locations on the windows box that correlate with Mobaxterm, look at your Settings | Configuration | Persistent home directory and click on the folder to see the Windows directory its located in. Its usually your C:/Users/uername/Documents/Mobaxterm/home/.ssh
I had same problem, tried everything but kept refusing my key, or prompting me for a password in addition to the key.
Turns out i kept accidentally creating a droplet using CoreOS instead of CentOS…not sure what the deal is with CoreOS…but glad i don’t need to use that right now or i would be in for trouble or switching to a i different service.
If you just upgraded Ubuntu 15.04/10 to Ubuntu 16.04 LTS (or otherwise upgraded OpenSSH from v6.9 to v7.0 you may be getting the ssh refusal because of changes in OpenSSH.
I was specifically getting this error in the /var/log/auth.log (via Webmin): sshd[2444]: userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth].
For this specific error, you need to add “PubkeyAcceptedKeyTypes=+ssh-dss” (without the quotations) to the bottom of your /etc/ssh/sshd_config file.
I had the same problem after following this tutorial : https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-14-04
I first thought, I had to use chmod 644 rather than 600 for the authorized_keys file as @Tecca suggests, I tested both now that I solved my problem and it makes no difference to use one or another.
PuTTY Key Generator inserted some sort of “carriage return” in my public SSH key so the copy / paste was incomplete. Maybe others will have the same issue, so I strongly recommend you to double check if your key is complete.
Hi, I have the same problem, How did you fix it?
Regards.
Irving Tristan.
I have the same problem
Someone?
Someone?
usermod -s /bin/bash root
Hi, I have the same problem, How did you fix it?
I could able to login using SSH and here are the tips to make it work. If you use puttygen to generate the keys, copy the contents from the dialog box displayed at the end from puttygen. You will notice that the contents of the saved file are different from the dialog box.
For e.g. the contents of saved file will be something like
“
—- BEGIN SSH2 PUBLIC KEY —-
Comment: "rsa-key-20160208”
XXXXXX
XXXXX.....
—- END SSH2 PUBLIC KEY —-
“
while the dialog box will look something like
”
ssh-rsa XXXX……== rsa-key-20160208
“
Later follow all the steps for client as specified in
https://www.digitalocean.com/community/tutorials/how-to-use-ssh-keys-with-putty-on-digitalocean-droplets-windows-users#setting-up-an-ssh-session-with-ssh-keys-in-putty
Thanks YogeshCJadhav! That was the problem for me (used Puttygen, and I grabbed the wrong output).
Yogesh C Jadhav! You saved me… Been fighting with this non-root user SSH problem for more than two hours now. Thank you.