Question

ssh failed Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

Note from DigitalOcean Community team: The user @intalix has provided a popular answer to a very similar question on setting up SSH keys here: https://www.digitalocean.com/community/questions/error-permission-denied-publickey-when-i-try-to-ssh?answer=44730

ssh -v  root@xx.xx.xx.xxx
OpenSSH_6.9p1, LibreSSL 2.1.7
debug1: Reading configuration data /Users/frank_szn/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: /etc/ssh/ssh_config line 56: Applying options for *
debug1: Connecting to 45.55.20.113 [45.55.20.113] port 22.
debug1: Connection established.
debug1: identity file /Users/frank_szn/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/frank_szn/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/frank_szn/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/frank_szn/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/frank_szn/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/frank_szn/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/frank_szn/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/frank_szn/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.9
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
debug1: Authenticating to 45.55.20.113:22 as 'root'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr umac-64@openssh.com none
debug1: kex: client->server aes128-ctr umac-64@openssh.com none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ssh-rsa SHA256:xiB0VWociJ19y8/fqsxGcn0OJJeMe8J5TUhii5y05Ms
debug1: Host '45.55.20.113' is known and matches the RSA host key.
debug1: Found key in /Users/frank_szn/.ssh/known_hosts:3
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/frank_szn/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug1: Trying private key: /Users/frank_szn/.ssh/id_dsa
debug1: Trying private key: /Users/frank_szn/.ssh/id_ecdsa
debug1: Trying private key: /Users/frank_szn/.ssh/id_ed25519
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
Show comments

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

You may try edit in /etc/ssh/sshd_config PasswordAuthentication yes

service sshd restart

I found in messages log information about bad ownership of authorized_keys. So I changed permissions for my /home/USERNAME/.ssh/authorized_keys to 0600 and everything works.

I was trying to do this on aws. Following is the procedure which worked.

  1. clean up the .ssh directory on both master and slave.
  2. create same username on both master and slave with (adduser <uname> -p <passwd>)
  3. on the master login as <uname> and go home by typing cd (/home/user)
  4. ssh-keygen (this will create private and public keys for user)
  5. copy the contents of id_rsa.pub from master to /home/user/.ssh/authorized_keys) on slave
  6. change permissions of the file authorized_keys to 600 ( chmod 600 authorized_keys) on slave
  7. say cd… and check permissions of the directory .ssh on slave. it should be again 600.
  8. Now on master login as the <user> and at command prompt say
  9. ssh <slave ip address> (or ssh user@slaveIDAddress) 11 login should be successful.
  10. In case you are using jenkins in Jenkins credentials copy the id_rsa (private key) for the <user>. it will connect to slave.
  11. Hope I am clear.