Related

NGINX Config Generator

Easily configure a performant, secure, and stable NGINX server.

 Learn More
ERR_TOO_MANY_REDIRECTS Question Question
How to prevent bad caching on Users Browsers with Virtual Hosts on NGINX Question Question

Question

SSH Won't login permission denied (publickey,password)

Posted February 18, 2017 292.2k views
NginxUbuntu 16.04

I’ve tried all the tutorials on DO how to set up SSH but nothing will let me get past the access denied. I set it up originally and wanted to add another user, so I followed a tutorial on that, now I cant login with either…
Is there a way to reset ssh and start over without damaging the server (being online) as there is a website connected that needs not be interrupted.

Thank you any help is appreciated…

Add a comment
lassee94933ef12b990f92bb30
By:
lassee94933ef12b990f92bb30

Related

NGINX Config Generator

Easily configure a performant, secure, and stable NGINX server.

 Learn More
ERR_TOO_MANY_REDIRECTS Question Question
How to prevent bad caching on Users Browsers with Virtual Hosts on NGINX Question Question

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
8 answers
jtittle1 February 18, 2017

@lassee94933ef12b990f92bb30

Thanks!

Ok, so let’s start with not able to login with either user. If you can’t login to SSH, the only other way to login to your Droplet is using console, which you’d access by clicking on the name of the droplet and then clicking on ‘Access’ and then 'Launch Console’.

To login to console, you’ll need your root user password. If you never received a password and your Droplet is setup with SSH Keys only, there’s very little that can be done at this point, unfortunately, as you can’t use SSH Keys to login to the console.

If you can login to console, you can re-enable PasswordAuthentication by modifying:

/etc/ssh/sshd_config

and changing:

PasswordAuthentication no

to 

PasswordAuthentication yes

and then restarting SSHD:

service sshd restart

You could then reset passwords using passwd, such as:

passwd username

Getting you back in is what’s important right now. We can then work on setting up SSH Keys after though the best way to setup SSH Keys is actually to deploy them when you deploy your Droplet (as this makes it easier). You could then create a new user and we can walk through the setup,

If you can’t login to console, short of submitting a support ticket and seeing if they can help get you back in, you would effectively be locked out and would need to deploy a new Droplet.

When you start tinkering with SSH and a Firewall, you have to be very careful.

Reply Report
borao February 19, 2017 
cat ~/.ssh/id_rsa.pub | ssh <user>@<hostname> 'cat >> .ssh/authorized_keys && echo "Key copied"'

That worked for me.

Reply Report
anushanth June 3, 2017

If you can able to log into the web console re-enable the following parameters by modifying /etc/ssh/sshd_config

sudo nano /etc/ssh/sshd_config

PermitRootLogin yes
PasswordAuthentication yes
UseLogin yes

Then restart.

sudo systemctl reload sshd

 sudo service ssh restart

Hope it will help you :)

Reply Report
jtittle1 February 18, 2017

@lassee94933ef12b990f92bb30

Which guide(s) did you follow? Let’s start there so we’re on the same page and we can work from there :-).

Reply Report
borao February 19, 2017

Local. You need to replace user with root and host with your server’s IP.

Reply Report
lassee94933ef12b990f92bb30 February 18, 2017
How To Configure SSH Key-Based Authentication on a Linux Server
by Justin Ellingwood
SSH, or secure shell, is the most common way of administering remote Linux servers. Although the daemon allows password-based authentication, exposing a password-protected account to the network can open up your server to brute-force attacks. In this guide, we demonstrate how to configure your server with SSH keys, which is the recommended authentication method. These are much more difficult for attackers to work around, giving you a more secure login mechanism.
Reply Report
lassee94933ef12b990f92bb30 February 18, 2017

@jtittle
Thank you so far so good,
I have access to COnsole and root as well. I followed the steps you have outlined. Tried for kicks to ssh from local machine.. Still permission denied :/

Reply Report
StilMan25 March 13, 2019

We had the same problem as we no longer use our developer but he had set up ssh keys to log in. I could only get in via the console on the DigitalOcean portal. I had to reset the Authentication which you can see in the 2 lines adde below. I followed anushanth thread above but with the following modifications:

sudo nano /etc/ssh/sshd_config

PermitRootLogin yes
PasswordAuthentication yes (This didn’t exist in my file)
UseLogin yes (This didn’t exist in my file)
RSAAuthentication no
PubkeyAuthentication no

sudo systemctl reload sshd (This didn't work)

sudo service ssh restart

This worked like a charm, went back to my 3rd party console (iTerm2) and was able to log in with my password.

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help