Question

SSH Server refused our key

I’ve been at this an hour and just cannot get SSH to bloody work. I tried this last year and gave up, thought I would give it a crack.

I follow the tutorial: https://www.digitalocean.com/community/tutorials/how-to-create-ssh-keys-with-putty-to-connect-to-a-vps

One difference is the command to close was “Esc, :, w, q, Enter” That did not work so I looked it up and SHIFT + Z + Z saves the file and closes it. I rechecked the file and it indeed saved it.

I go to connect and no lucky, big fat “Server refused our key” I don’t know what to do, why is SSH not easy to setup, I want it to be secure but no lets make it stupidly hard! I’m a go grumble over here and be incredibly appreciative of any help lol

Show comments

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

@Thrax

How you’d go about setting it up really depends on whether you’re trying to set it up for root or for a non-root user. The steps are almost the same, but differ slightly.

For example, for root, ~/.ssh already exists so it doesn’t need to be created. For all other users, it does and you need to set proper permissions on those directories.

That being said, the easiest method of deploying SSH keys is to simply deploy them with the server so that you don’t need to physically add the initial one (for the root user).

How you log in also depends on your OS. If you’re on MacOS (or OS X), then you’d run:

ssh user@server_ip -i ~/.ssh/private_key

Where user is the username (such as root or the user you created), server_ip is the Droplet IP, and the path at the end, ~/.ssh/private_key, is the path to your private key that was generated when you created your key pair.

If you’re on Windows, it’s a little different depending on what you use to log in. Most commonly, PuTTy is used, which requires that you convert the OpenSSH key to a PuTTy formatted key, and then use that key to login. It’s an extra step, but many programs use PuTTy key format (such as FileZilla).

So my first question would be, what OS are you using (MacOS or Windows)?

Next, what program are you using to try to login, Terminal (Mac OS), PuTTy, or something else?

If you still have your key rejected despite having all of the permissions and ownership set correctly, you may need to change the user’s password from the default “locked” (which is a hash that is or starts with !) to an “impossible” hash (assuming you don’t want the user to log in with a password) with usermod -p "*" username. the full explanation is available at https://arlimus.github.io/articles/usepam/

This is an amazing post thank you so much for the detailed answers. I had a similar problem - Filezilla gave an error when trying to upload a file, even though it logged in correctly, showed the directory tree of the server correctly, too.

After genning a new key, making sure I didn’t accidentally remove any of the first characters in the cut and paste of the public key (great hint btw), I found this:

In putty, under File, SiteManager, Advanced tab, click “UNIX” for server type. This clears up the Filezilla rejecting the transfer even though correctly logged in. so random…