SSH is asking for password

August 19, 2014 7.5k views

Good evening!
I saw there are a lot of quesitons regarding this, but I did not found a solution.
I have added "deploy" user and added key to authorized_keys - and was able to actually login with SSH using this key, but all of a sudden server is now prompting for a password again!

The only thing I did, I think, was creating another key (generating) on a server side (I need to to access other server), this process has created known_hosts file. I'm not sure if I was locked out of logging in with SSH key at this point or something else is causing this issue.

Please, adivce ASAP

Thank you!

6 Answers

Try, on your computer (client) to delete contents of ~/.ssh/known_hosts and then ssh into your server.

Thanks for reply - unfortunately, this does not really apply as I'm on windows 7. I'm sorry i did not mention this right away.
All my other keys and connections work fine.

Please, advice - I had to enter that deploy password 50 times today already, haha, hopefully I'll get it working!

I see. Someone else will have to help you, as I no longer use Windows.

You might try adding -v next time you use ssh to login, as that will give you some output of what the problem might be.

here are some other de-bugging tips:

What is asking you for the password? Is it the server asking you for the deploy user's login password or Windows asking you for the SSH key's password?

If it's the server, make sure that you've enabled PubkeyAuthentication and disabled PasswordAuthentication in /etc/ssh/sshd_config like:

PubkeyAuthentication yes
#PasswordAuthentication yes

If it's Windows, you need to run ssh-agent so that it caches the password. Or you could create a new ssh key without a password entirely.

Thank you, both these are correct in configs.

Server is asking me password when I try to connect to it wuth Putty + my key. Same with GIT pushes.
Don't get me wrong - I've been doing pretty much same setup for about 4-5 years now, but can't figure out why server in this case is keep asking me to enter password.

I would like to know the answer to this as well. I spin up a lot of machines to test things and I get the key to work maybe 40% of the time on first spin up. This is not a client side issue. I just delete my droplet and start again. I dont waste my time resetting the root password. Anytime I spin up a droplet I rm -rf /home/username/known* so as to clear out my known_hosts andknown_hosts.old
Please figure this issue out Its really annoying.

  • I think this happens when you delete, then spin up a new droplet shortly there after. it will often grab the same IP address of the one you just destroyed. I see this when using chef to test changes - create droplet - destroy - create new droplet... Known hosts sees new machine using known IP of the previous machine. It would be nice to be able to specify to not get recent used IP each time, in DO UI and via kinfe, something like:

    "knife digital_ocean droplet create --get-ip fresh; recent released; etc"

Have another answer? Share your knowledge.