Having trouble setting up key authentication
Total Linux newb. I've been setting up my Linode, and got stuck at the key authentication part.
I'm using Putty, PuttyGen, and Ubuntu 10
I was successfully able to create the public and private keys, and save them on my local pc. I then put the public key in the file at /etc/ssh/authorized_keys in my root (all on one line).
When connecting I get a 'server refused our key' error.
the docs mentiona .ssh dir. Do I include the dot as in
/etc/.ssh/authorizedkeys, or should it be /etc/ssh/authorizedkeys ? I tried it with a dot, but there is a save error when I try to finish writing the file.
Also, should it start with /etc or should there be a user name in there?
I've stopped Pageant (to eliminate any problems with that and Putty communicating), and tried loading the .ppk file directly into Putty using the 'Private key file for authentication' browse box.
Also, when I type chmod go-w $HOME $HOME/.ssh $HOME/.ssh/authorized_keys (as in the instructions at 8.3 Getting ready for public key authentication), I am told there is no such directory. The manual isn't clear about exactly where the .ssh dir is (I have been saving in the ssh dir, not .ssh). Is it in /etc ?
Also, while setting this up, should I be logged in as root or as the 2nd user?
Everything else seems fine - I think there is only something small stopping this working.
Thanks for your help guys!!!
BTW - the Linode support has been fantastic. I peppered them with questions last night during set up, and they responded fast and have been helpful. This morning they suggested I place this type of question here in the forum.
Cheers
Shaun
21 Replies
Linode's guide
So I tried…
logging in as root
typing nano /.ssh/authorized_keys
…to create the file, and then copied the key into it, and save out
I get the error:
Error writing /root/.ssh/authorized_keys: No such file or directory ]
instead tried
- typing nano ~/.ssh/authorized_keys
but get the same error
There is something fundamental I'm not understanding about how to use ~, and if it should be ssh or .shh
Can someone please elaborate a little - cheers?
Just as a note - I'm not using Linux locally, just windpws, so I am following…
'generate the SSH keys by following the instructions in our PuTTY guide.'
ls -l the authorized key file should only have rw for owner.
-rw–----- 1 mike mike 2611 Apr 9 20:15 authorized_keys2
this is where I would start. it will not work unless the permissions are like this.
That's the thing though - I can't save an authorized_key file - I get the errors mentioned above.
I would be brilliant if someone could type out what I write to create a new authorized_key file, and where I type that ie do I log in as root or as the 2nd user I created in one of the previous setup steps.
Thanks for your time and help.
btw typing ls -l gives me 'total 0'
2, cat > authorized_key (then hit enter) (Then hit control D)
3, ls -l
4, report back with the ls -l command
Should I be logged in as root?
When I type ls / from where I am, this is the listing…
bin cdrom etc lib media opt root selinux sys usr
boot dev home lost+found mnt proc sbin srv tmp var
1, mkdir .ssh
2, cd .ssh
3, cat > authorized_keys (hit enter) (then control D)
4, ls -l
5, report back with the ls -l command
It says
-rw-r–r-- 1 then my user name twice plus time info etc then authorized_keys
2, ls -l
3, report back ls -l
-rw-------
1, have you have created you're public key using putty gen.. if so move on two step 2
2, copy and past your're public key into your authorized_key file
3, log into your server with the username you created the authorized_key file.
4, cd .ssh
5, vi authorized_keys
6, paste from step two into the authorized_key file
7, shiftzz
that should be it
The Linode Guide is really bad it needs rewritten from scratch.
I'm glad I was able to help. if you ever need any more linux help.. I have a Linux help forum.. its in my signature.
Just going through those last steps.
What does shiftzz do? All it does it put a capital Z at the end of the key, and then I don't know how to save or get out of the file.
I'm going to try from scratch
ssh-rsa
and ending with rsa-key- (and then 8 numbers)?
Do I need to reboot the server once I've change authorized_keys?
The ssh-rsa at the beginning of the key was missing an s (sh-rsa). Not sure why. It's fixed and that's all I care about right now!
When ever you edit a file with vi you first start out with hitting the i butting which is insert mode.. after making changes you hit escape and shitzz to save. If you want to exit with out saving first hit escape and then :w! this will exit without any changes to the file.
I'm glad you have it working!
The next steps that you need to make are securing ssh.
1, go to /etc/ssh
2, sudo vi sshd_config
3, edit the sshd_config file and configure it to this > PermitRootLogin no
4, PasswordAuthentication no
5, restart ssh for changes
6, sudo /etc/init.d/sshd restart
By doing the above steps you will secure your server from brute force attacks trying to guess easy passwords.