Public Key Authentication

I'm configuring a new server I'm setting up, and trying to use key authentication for SSH, but I'm having some sort of issue. I was following the steps from this article:

https://www.linode.com/docs/security/use-public-key-authentication-with-ssh#windows-operating-system

I completed all the steps, but when I try to connect afterwards, it just asks for the user and then the password like logging in normally, not the passphrase like the article says should happen. The steps are all pretty straightforward, and I've checked over all the steps several times, but I'm clearly missing something since it's not working. Any ideas what I should check?

4 Replies

Things that come to mind:

1. Check the permissions on your private key (~/.ssh/id_rsa or ~/.ssh/id_dsa) - OpenSSH will refuse to use it if these are incorrect. It should have read/write permissions for the owner only, like so:

$ ls -l ~/.ssh/id_rsa
-rw------- 1 vance vance  951 Aug 24 23:45 id_rsa

2. Use the verbose switch when logging in to produce additional diagnostics. For example:

ssh -vv user@host

I had actually already checked the permissions, and just checked again, but they're already set like you said they should be.

I tried the verbose switch you mentioned, but it listed a fair bit of information and I'm not really sure what I'd be looking for in it. Is there something specific in there I should be looking for?

You also need to check the permissions on the PUBLIC key on the remote server and of the whole directory tree from / to $HOME/.ssh - if any of those directories are world/group writeable then the ssh daemon won't use the key. Also if any of those directories are owned by anyone other than the user or root then it won't work.
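
The check described in the reply above, as an added example that is not part of the original thread: a shell function that walks from the key file up the directory tree and reports every component that is group/world writable or owned by someone other than the user or root. It assumes GNU `stat` on the server; the function name `check_key_path` and its arguments are illustrative.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes GNU stat (stat -c) on the server.
# check_key_path FILE UID [TOP]  (name and arguments are illustrative)
#   Walks from FILE up to TOP (default /) and prints each component that is
#   group/world writable or owned by someone other than UID or root.
#   Returns 0 if every component passes, 1 if any fails, 2 if stat fails.
check_key_path() {
    p=$1; uid=$2; top=${3:-/}
    bad=0
    while :; do
        info=$(stat -c '%a %u' -- "$p") || return 2
        mode=${info% *}; owner=${info#* }
        # 022 = write bits for group and other; the leading 0 makes $mode octal
        if [ $(( 0$mode & 022 )) -ne 0 ]; then
            echo "group/world writable: $p (mode $mode)"
            bad=1
        fi
        if [ "$owner" -ne "$uid" ] && [ "$owner" -ne 0 ]; then
            echo "owned by uid $owner, not $uid or root: $p"
            bad=1
        fi
        # Stop at TOP, at the filesystem root, or if a relative path bottoms out
        case $p in "$top"|/|.) break ;; esac
        p=$(dirname -- "$p")
    done
    return "$bad"
}

# Typical use on the server, as the login user:
#   check_key_path "$HOME/.ssh/authorized_keys" "$(id -u)"
if [ "$#" -ge 2 ]; then check_key_path "$@"; fi
```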

Ok, it was actually the public key I had checked the permissions on, not the private key. And I checked all the directories as well, no write permission for group or world anywhere in those.

On the private key, I'm connecting from Windows using PuTTY, but the permissions Vance listed weren't for Windows (that's why I checked the public key, I saw Linux style permissions and just checked the remote Linux server without realizing the post said private key). The article I was following was specifically for PuTTY and didn't list needing to do anything for the private key other than generating it, saving it, and setting the location for it in PuTTY.
