Trying to access my digital ocean server via a mac terminal.
ssh root#myipaddress
I'm then prompted for a password (I've never been prompted before, as I've left it blank intentionally.). After 3 failed attempts I get:
Permission denied (publickey,password).
I have also tried entering the ssh key for the server and get the same outcome.
I tried adding the key to my SSH-agent and get the following:
WARNING: UNPROTECTED PRIVATE KEY FILE!
Permissions 0644 for '/Users/xxxxx/.ssh/id_rsa.xxx.pub' are too open
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
I've tried contacting D.O. but have yet to hear back. Any help is greatly appreciated!
I was finally able to access the server via:
ssh -i <keyfile> <user>#<hostname>
Seems like there was an issue with my machine defaulting to use my personal id_rsa file instead of the one that was created for this different server.
Have you tried the solution in: ssh "permissions are too open" error? Looks like the permissions on your private key are not restrictive enough.
WARNING: UNPROTECTED PRIVATE KEY FILE!
Permissions 0644 for '/Users/xxxxx/.ssh/id_rsa.xxx.pub' are too open
Above messages shows some clarification. Try the below permissions.
# chown user:user ~/.ssh/*
# chmod 600 ~/.ssh/private_key
# chmod 644 ~/.ssh/public_key.pub
Try with these permissions. From the logs it seems to be unprotected permission/ownership.
Also try with ssh -i ~/.ssh/private_key user#<IP> -vvv for more insights :)
Related
I am trying to copy a playbook from my local machine to the host machine (EC2 Instance) but It says I have bad permissions, despite add my key-pair to ~/.ssh/id-rsa/ansible-benchmark.pem.
Ansible-benchmark.pem being the key.
The code I run is scp /Users/mohammedkhot/Documents/terraform-consul/cis-playbook/main.yaml ec2-18-170-61-4.eu-west-2.compute.amazonaws.com:/etc/ansible.
I am trying to copy my main.yaml file to /etc/ansible/
I did also run chmod 400 before trying to copy it but it didn't work.
This is the error I am getting
# WARNING: UNPROTECTED PRIVATE KEY FILE! #
###########################################################
Permissions 0755 for '/Users/mohammedkhot/.ssh/id_rsa' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "/Users/mohammedkhot/.ssh/id_rsa": bad permissions
mohammedkhot#ec2-18-170-61-4.eu-west-2.compute.amazonaws.com: Permission denied (publickey).
lost connection```
The third line in the output is telling you what is wrong. You need more secure permissions on the private key file which resides on your workstation. The current permissions are too permissive.
Change the file permissions to read only for your user using chmod, and then attempt to upload the file to the remote machine.
$ chmod 600 /Users/mohammedkhot/.ssh/id_rsa
$ scp /Users/mohammedkhot/Documents/terraform-consul/cis-playbook/main.yaml ec2-18-170-61-4.eu-west-2.compute.amazonaws.com:/etc/ansible
I am having trouble using SSH with Window's Ubuntu Bash version 14.04. Here are the steps I took
Generated a SSH key and it is in ~/.ssh/id_rsa
I added the key in id_rsa.pub to Github
I ran ssh-add to add the key to bash
However, when I try to clone a private repository (that I have permissions to use, and can load in my browser) I get an error "Permission Denied (publickey)".
Here is what I have verified/double checked:
The key is correct on Github
The key is correct locally
The filepath is correct
My user "Chinnick967" owns the directories so it's not a root ownership problem
I have set the permissions to at least 700
Bash has the key loaded when I check with ssh-add -l
Anyone have any ideas?
You should use git as username. In this case
User git
That should create the keys, you can check https://help.github.com/articles/generating-ssh-keys/
So I installed a LAMP on a Google Cloud instance with debain wheezy7. Everything is working fine but I am not able to work the ftp. I am following this tutorial by digital ocean
I am stuck at this last step where I need to make vsftpd allow the user to write outside the chroot file.
The error is get is
hetunandu_gmail_com#lamp:~$ mkdir /root/hetunandu/files
mkdir: cannot create directory /root/hetunandu/files': Permission denied
Then when i use sudo with it i get this error
hetunandu_gmail_com#lamp:~$ sudo mkdir /root/hetunandu/files
mkdir: cannot create directory /root/hetunandu/files': No such file or directory
Where do I go from here?
Also I dont know how to get my username and password setup for FTP
I followed the tutorial and could not replicate your issue. I initially got "Permission denied" but you can circumvent this by running:
$ sudo su
and then
$ mkdir -p /root/$USER/files
Why not use /home/$USER ? not sure why you want to create the folders under /root.
As for your second question, regarding the username and password, I am not sure I understand. From the Developers Console > Compute Engine > VM Instances > click SSH and that should log you in with root privileges. then you can create all the users you want:
$ sudo adduser test_user
Please don't use FTP as it's an insecure clear-text protocol which will let others see your password and easily get access your instance, read/modify/delete your files, etc.
Instead, you should use secure protocols such as SCP or SFTP with public key authentication.
Here are some options to transfer files to/from your GCE VM instance:
sftp CLI tool, as described in this answer
gcloud compute copy-files, as described in this answer
WinSCP with SFTP
I'm able to authenticate, generate, push etc just fine with my SSH keys and Moovweb credentials on my Mac and Linux machines.
However, on my Windows machine, using Git Bash, I get an SSH Permission denied (publickey) error. The error message is below:
$> moov generate 123dsfsdsf nytimes.com
Running environment checks.
Verifying that git is installed...OK
Checking that current 123dsfsdsf directory doesn't exist...OK
Registering project with MoovCloud.
Authenticating with MoovCloud.
Checking for git access...Enter passphrase for key '/Users/firstname.lastname/.ssh/id_rsa':
Enter passphrase for key '/Users/firstname.lastname/.ssh/id_rsa':
FAILED
> Need to upload an ssh key in order to generate a project...
Found the following SSH public keys:
1 ) id_rsa.pub
2 ) new_rsa.pub
Which would you like to use with your Moovweb account? 2
Uploading public key...
Successfully uploaded public key new_rsa.pub as 'firstname.lastname#GGT.local'
You are now ready to push projects to MoovCloud!
Creating project in MoovCloud...OK
Generating files...OK
Cloning project locally.
Enter passphrase for key '/Users/firstname.lastname/.ssh/id_rsa':
Enter passphrase for key '/Users/firstname.lastname/.ssh/id_rsa':
Cloning into '123dsfsdsf'...
Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
ERROR: Error cloning git repo: exit status 128
Please try cloning the repository (git clone moov#git.moovweb.com:firstnameglastname/123dsfsdsf.git) again later.
Try 'moov help generate' to find out details.
Seems like a Windows-specific SSH error. Any workarounds?
So as mentioned in prior answers, the Permission denied error in Windows is because you are trying to use a key other than id_rsa.
Windows lacks the bells and whistles that Linux and Mac have to try out all your public keys when trying to connect to a server via SSH. If you're using the ssh command, you can tell it which key to use by passing the -i flag followed by the path to the key to use:
ssh -i ~/.ssh/moovweb_rsa moov#git.moovweb.com
The above command should work just fine if you've uploaded moovweb_rsa.pub to the console (either via the moov login command or the console UI). However, trying any git related commands should fail because Git doesn't give you the ability to chose which key to use when connecting to the git remote. Because of this, SSH is forced to use the default key, id_rsa, and if that key doesn't work (or doesn't exist), then the connection fails with a permission denied error.
One possible solution, as suggested in other answers, is to simply rename your key to id_rsa. For most people, this is a fine solution. However, if you already have an id_rsa key and you would prefer to use a different key with Moovweb, you can edit your ~/.ssh/config file by adding the following contents:
Host git.moovweb.com
IdentityFile ~/.ssh/moovweb_rsa
If you append the above lines to your ~/.ssh/config file (create it if it doesn't exist), you should be able to successfully get Git to communicate with the Moovweb remote git server. The config basically tells SSH that for the given host (git.moovweb.com), SSH should use the given key rather than the default.
It's worth nothing that this happens to all Git remotes; interactions with Github, Heroku, etc... also suffer through this problem in Windows. You could easily extend your ~/.ssh/config file to use separate SSH keys for each one of those services if you so desired:
Host git.moovweb.com
IdentityFile ~/.ssh/moovweb_rsa
Host github.com
IdentityFile ~/.ssh/github_rsa
Host heroku.com
IdentityFile ~/.ssh/heroku_rsa
Quick & dirty solution: use only the default id_rsa.pub key
Some notes:
make sure you enter the right passphrase to id_rsa.pub
do not use your other key, new_rsa.pub
It turns out that Windows Git Bash doesn't quite come with all the cool utilities Mac/Linux users are used to. Specifically, you don't have ssh-agent running to help handle multiple keys. Without ssh-agent, the git command only seems to use the default id_rsa.pub key.
You can verify this is an SSH/Windows issue following Github's awesome SSH troubleshooting guide. You'll get a Permission denied (publickey) no matter which SSH/Git server you try to connect to.
I have a problem and didn't find anything on stackoverflow or google.
When i run ssh -T git#github.com I get the error Permission denied (publickey).
The helps in the Git Help guide doesn't help.
Can someone help me?
OK i got the solution, maybe someone needs it so here we go:
Ok, i got it finally.
First of all it is to say I am running here the Windows 7 OS in German 64bit! I don't know if this is important.
Well, in this guide: http://help.github.com/win-set-up-git/ they say, that the files where create in C:/Users/[PC-Name]/.ssh/
So in this folder there shall be the files id_rsa and id_rsa.pub. When i looked them up, i wasn't able to find even the folder. So where are the necessary files?
I run the search and i find them in: C:\Users[yourpcname]\AppData\Local\VirtualStore\Windows\SysWOW64
I don't know why or how they get there. I never typed in this path.
Ok, so now just copy the files and create the .ssh folder in C:/Users/[PC-Name]/ move to the directory .ssh and paste the two files id_rsa and id_rsa.pub.
Then don't run ssh -T git#github.com
but:
ssh -T git#github.com -i <path-to-id_rsa>
and rly take care that you use C:/.../.../ and NOT C:\...\...\..
This solved my problem. Maybe you have the same problem.
Another SO post contains the solution:
Permission denied (publickey) when deploying heroku code. fatal: The remote end hung up unexpectedly
Try to copy id_rsa and id_rsa.pub into the Git Installation folder.
Something like this: C:\users\user\.ssh to C:\Program Files (x86)\Git\.ssh
I wasn't able to find even the folder
That folder can be any folder you want, as long as you define an HOME user environment variable (which isn't defined by default on Windows Xp or Seven)
If you define HOME to C:\path\to\folder, then id_rsa and id_rsa.pub need to be stored in:
C:\path\to\folder\.ssh