Security Questions

I am trying to learn more in how to best secure my Linode and I have a couple of questions for which I was hoping someone here might be able to offer any tips.

In my /etc/ssh/sshd_config file (which I will post here if it may help):

I've changed my SSH port from the default of 22 to another, higher one and believe I have also correctly disabled root access, turned off password authentication, disabled PAM and enabled RSAAuthentication yes, PubkeyAuthentication yes; however I do still have the uncommented line of

AuthorizedKeysFile %h/.ssh/authorized_keys

So I also believe I am correctly using my keys, which I installed not as root but in my user account, placing my public key in my user account folder

/home/useraccount/.ssh/authorized_keys

I believe the keys are set up properly, in that when I attempt to log in using Putty without Pageant, it first prompts me for a user name, but then I get an error

Disconnected: No supported authentication methods available (server sent :publickey)

So I assume this means it is asking for my private key, because when I do then enable Pageant and use my key, I am then able to log in just fine and Putty says it recognizes my key.

However, my issue is that in reviewing my Logwatch, under the pam_unix sshd section, I still see authentication failures, usually for root:

SSHD Failed logins from:

and Illegal users from:

Does this therefore mean that in fact perhaps I actually DO NOT have password authentication turned off correctly and entirely, or have not properly disabled root access?

Or that my keys are not fully implemented properly despite being apparently recognized?

Also, my second question from Logwatch: I have begun to see occasional failed-login, dictionary-type mail attack attempts under POP-3:

Unmatched Entries LOGIN FAILED

I only am using mail on my Linode to send me my Logwatch report.

Could I possibly somehow purge entirely any unneeded potential mail vulnerabilities and still be able to receive my Logwatch report?

Thank you very much; if anyone could please offer any tips, I'd really appreciate it.

5 Replies

It sounds like you have SSH set up about right.

RSAAuthentication only affects SSH protocol 1. This is off by default these days. Unless you have a Protocol line in sshd_config enabling protocol 1, RSAAuthentication won't do anything.

'PubkeyAuthentication yes' is the right option to turn on public key authentication for protocol 2, the current version.

It sounds like putty isn't trying keypair authentication.

Did you generate the keypair with puttygen? Is it an SSH-2 keypair?

Did you tell putty to use the private key that corresponds to the public key you copied to the server, and did you save the putty profile afterwards? It's easy to hit Load instead of Save and lose putty settings, or to close putty instead of saving and lose the settings.

Set PermitRootLogin no in your sshd_config, and all attempts to log in as root via ssh will fail (won't stop zombies from trying, however). In addition to PasswordAuthentication no, you may also need to set ChallengeResponseAuthentication no to disable password logins.
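To check that the settings recommended in this reply are actually the ones sshd will apply, here is an added example (not code from this thread): it reads an sshd_config text the way sshd does, ignoring comments and, for a repeated keyword, keeping the first occurrence (sshd_config(5): "the first obtained value will be used"), then reports any recommended setting that is not in effect. The config fragment is constructed, modelled on the options discussed above, not the poster's real file.

```python
# Constructed sshd_config fragment (not the poster's actual file). It contains a
# commented-out line and a duplicated keyword to show how sshd resolves them.
SAMPLE_SSHD_CONFIG = """\
Protocol 2
#PasswordAuthentication yes
PasswordAuthentication no
ChallengeResponseAuthentication no
PubkeyAuthentication yes
PermitRootLogin yes
PermitRootLogin no
UsePAM no
"""

# Values the reply recommends; keywords are compared case-insensitively, as sshd does.
REQUIRED = {
    "permitrootlogin": "no",
    "passwordauthentication": "no",
    "challengeresponseauthentication": "no",
    "pubkeyauthentication": "yes",
}


def effective_settings(config_text):
    """Return keyword -> value as sshd would apply it.

    Comments and blank lines are skipped, keywords are case-insensitive, and when
    a keyword appears more than once the FIRST occurrence wins (sshd_config(5)),
    which is the opposite of many other config formats.
    """
    settings = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            continue  # keyword without an argument; nothing to record
        settings.setdefault(parts[0].lower(), parts[1].strip())  # keep first value
    return settings


def audit(config_text):
    """List (keyword, expected, actual) for each recommended setting not in effect."""
    settings = effective_settings(config_text)
    problems = []
    for key, expected in REQUIRED.items():
        actual = settings.get(key)
        if actual is None or actual.lower() != expected:
            problems.append((key, expected, actual))
    return problems
```

In the constructed fragment the later "PermitRootLogin no" does not override the earlier "yes", which is exactly the kind of mistake this check is meant to catch before restarting sshd.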

Hi, thanks for the tips.

Yes, I do have Protocol 2 uncommented and enabled:

PermitRootLogin no

PasswordAuthentication no

ChallengeResponseAuthentication no

RSAAuthentication yes

PubkeyAuthentication yes

PermitRootLogin no

UsePAM no

RhostsRSAAuthentication no

HostbasedAuthentication no

PermitEmptyPasswords no

However, I do still have the commented lines of:

IgnoreUserKnownHosts yes

AuthorizedKeysFile %h/.ssh/authorized_keys

as well as these lines:

HostKey /etc/ssh/ssh_host_rsa_key

HostKey /etc/ssh/ssh_host_dsa_key

Perhaps these lines additionally need to be uncommented and to specify my user account folder?

/home/useraccount/.ssh/authorized_keys

I did use PuttyGen, I believe correctly, after having some initial issues with the keys being recognized.

They are SSH-2, and yes, I also can verify I am correctly hitting Load to load my Putty profile, with a check mark next to "Attempt authentication using Pageant".

As I said, I believe my keys are working properly, in that without enabling Pageant in Putty I get the error:

Disconnected: No supported authentication methods available (server sent :publickey)

and cannot log in. However, when I do then enable Pageant in Putty with my private key loaded and ready to go, I can in fact successfully log in, and Putty then, upon successful login, says recognized key etc.

I have also noticed a record in my log that the key has been accepted for my user account.

So, altogether, I was just wondering whether it is normal to still see failed logins and authentication errors in Logwatch?

If Pageant works, it's proof that the problem isn't on the Linode end. Putty is doing it wrong somehow; check all the settings.

Failed logins from random internet addresses are normal. It's just scripted attack rubbish. If you don't use password authentication, you won't have a problem.
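The distinction this reply draws (failed attempts are background noise; what matters is whether the server ever accepts a password) can be checked directly in the sshd log rather than only in the Logwatch summary. The following is an added example, not code from this thread: it classifies sample auth-log lines and flags any "Accepted password" event, which is the one that would indicate password authentication is still in effect. The log lines are constructed in the OpenSSH syslog format; the host name, user name and addresses are made up.

```python
import re
from collections import Counter

# Constructed sample auth-log lines (OpenSSH syslog format); not from the original post.
SAMPLE_LOG = """\
Mar 12 03:14:07 linode sshd[2101]: Failed password for root from 203.0.113.7 port 51234 ssh2
Mar 12 03:14:09 linode sshd[2103]: Invalid user oracle from 203.0.113.7
Mar 12 03:14:09 linode sshd[2103]: Failed password for invalid user oracle from 203.0.113.7 port 51240 ssh2
Mar 12 03:15:30 linode sshd[2110]: Accepted publickey for useraccount from 198.51.100.5 port 40022 ssh2
Mar 12 03:16:01 linode sshd[2115]: Accepted password for useraccount from 203.0.113.9 port 40100 ssh2
"""

# Event patterns, each capturing (user, source address). Order matters: a line is
# counted under the first pattern that matches it.
PATTERNS = {
    "failed_password": re.compile(r"sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) from (\S+)"),
    "invalid_user": re.compile(r"sshd\[\d+\]: Invalid user (\S+) from (\S+)"),
    "accepted_publickey": re.compile(r"sshd\[\d+\]: Accepted publickey for (\S+) from (\S+)"),
    "accepted_password": re.compile(r"sshd\[\d+\]: Accepted password for (\S+) from (\S+)"),
}


def classify(log_text):
    """Count events by type; return (counts, list of (user, addr) accepted by password)."""
    counts = Counter()
    accepted_by_password = []
    for line in log_text.splitlines():
        for kind, pattern in PATTERNS.items():
            match = pattern.search(line)
            if match:
                counts[kind] += 1
                if kind == "accepted_password":
                    accepted_by_password.append((match.group(1), match.group(2)))
                break
    return counts, accepted_by_password


def password_auth_looks_enabled(log_text):
    """Failed passwords and invalid users alone are the scripted noise the reply
    describes; a successful password login is the signal that PasswordAuthentication
    (or ChallengeResponseAuthentication) is still honoured by the running sshd."""
    _, accepted_by_password = classify(log_text)
    return len(accepted_by_password) > 0
```

Run `classify(open("/var/log/auth.log").read())` on a real Debian/Ubuntu system (or `/var/log/secure` on Red Hat derivatives) to get the same breakdown for the actual log.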

Thanks very much for the tips. I checked my putty session configuration and everything seems right.

I was just trying to verify whether, even if, as I believe, I do correctly have password authentication disabled, it is normal to still see failed logins and authentication errors in Logwatch?

Or whether this would rather be an absolute indication that in fact it was somehow not fully disabled.

But if I understand it correctly then, even if it is (hopefully) disabled correctly, one typically will still see these.

Because again, in testing it without Pageant I just get an initial prompt for a user name, immediately followed by the popup window error preventing me from going any further: Disconnected: No supported authentication methods available (server sent :publickey)

It's only upon enabling my private key in Pageant that I am then allowed to successfully log in, and it says "key accepted" etc.
