Authentication by key in Ruby via ssh: Could not parse PKey: no start line - ruby

I'm trying to connect to a server with ssh using an ssh key. It logs an error and also asks me for the password, which I shouldn't be asked for because I'm using key authentication and my intention is to get rid of having to enter the password:
ERROR -- net.ssh.authentication.key_manager[2b02154b7610]: could not load private key file `/home/me/.ssh/id_rsa.pub': ArgumentError (Could not parse PKey: no start line)
My code:
Net::SSH.start(ip_item, "root", host_key: "ssh-rsa", keys: ["~/.ssh/id_rsa.pub"], verbose: :debug) do |ssh|
Is that a bug? Why does it say "private"?
The key exists.
I'm able to connect to the server via the terminal without a password and it's added to the list of the known hosts of the server properly since I'm able to connect to it.
Also cat ~/.ssh/authorized_keys on the server shows my public key.

You need to provide the path to the private key when connecting to a host, not the public key.

Try changing "~/.ssh/id_rsa.pub" to "~/.ssh/id_rsa" in your code. It should help.

Related

Trying connect SSH get Permission denied (publickey)

I'm trying to connect to my server where I have Magento installed.
I loaded the key on my windows cmd with ssh-add, and then connected with:
ssh -pPORT user@server
and I get:
Permission denied (publickey).
How can I fix this? I can't run chmod 600 on Windows, and I already checked the permissions on the key file and they are 'full control'.
A permission denied, as commented, means SSH does connect, but does not find the right public key to validate the private one used locally.
Try ssh -Tv -pPORT user@server to see what key is used locally.
Then make sure your public key is copied to the remote server, in ~user/.ssh/id_rsa.pub (replace "user" by the actual user account name you need in your case)
This error usually means your key hasn't been added to the authorized keys list on the host machine. You can either manually add the public key to the server, or use the following command from the machine you're using to connect to the server.
ssh-copy-id -pPORT user@server
This will require you to enter the user's password the first time, but will then copy your public key onto the host/server to allow key-based authentication the next time you log in.

Ruby NET::SSH - Unable to connect to remote server

I've been trying for days to connect my application to a remote server with the NET::SSH gem without success. The issue seems to originate from the fact I need to use a private key file to authenticate the login.
require 'net/ssh'

# Run cmd on host over SSH and return its output.
def SSH(host, user, psw, keys, cmd)
  Net::SSH.start(host,
                 user,
                 :password => psw,
                 :host_key => "ssh-rsa",
                 :encryption => ["blowfish-cbc", "aes256-cbc"],
                 :keys => keys,            # paths to private key files
                 :verbose => :debug,
                 :auth_methods => ["publickey", "password"]
  ) do |ssh|
    @result = ssh.exec!(cmd)
    puts @result
  end
  return @result
end
The debug output gives me the error:
Could not load private key file `C:/path_to_key/key.ppk': ArgumentError (Could not parse PKey)
I've seen many examples of this error with No start line appended however have not found anything to suggest workarounds to this. I've even uninstalled and reinstalled the NET::SSH gem.
I have no problem connecting through puTTY/WinSCP with the same credentials so I'm sure there are no remote authentication issues.
Any help appreciated
It can be a problem of SSLv3. Re-generate your ssl certificates and try again.
The issue for me was the format of the private key. For some (still unexplained) reason Ruby didn't like the .ppk extension.
To get round it
ssh-keygen -t rsa (or dsa if you want more secure format) on the remote box to generate public/private key pair. Give it a folder in which to put both keys.
Add public key to ~/.ssh/authorized_keys file
Move private key to local machine with WinSCP and use it as key or key_data for NET::SSH
My current solution is to ask the user to add the keys to the user agent:
eval `ssh-agent -s`
ssh-add
While the above may not be known by some users, it is the standard way to let your shell know what keys to use for remote access. It handles typing in a password for more of a single sign on handling of credentials with passwords.
The most recent version of net ssh potentially no longer has this issue
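Both Ruby threads above fail for the same reason: the file passed in keys: is not a private key in a format the library can parse (a .pub file in the first thread, a PuTTY .ppk in the second). The following pre-flight check is an added example, not code from the posts or from Net::SSH; it classifies a key file by its first line only and also checks the POSIX permission bits that OpenSSH rejects with "UNPROTECTED PRIVATE KEY FILE". The names SIGNATURES, key_kind, preflight, SAMPLES and check_sample are hypothetical, and the sample key contents are constructed.

```ruby
require "tempfile"
# First-line signatures of key file formats, checked in order (header check only).
SIGNATURES = {
  openssh_private: /\A-----BEGIN OPENSSH PRIVATE KEY-----/,
  pem_private:     /\A-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----/,
  putty_ppk:       /\APuTTY-User-Key-File-\d+:/,
  public_key:      /\A(?:ssh-(?:rsa|dss|ed25519)|ecdsa-sha2-\S+) \S+/
}.freeze

# Classify key material by its first non-blank line.
def key_kind(text)
  first = text.to_s.lstrip.lines.first.to_s
  SIGNATURES.each { |kind, re| return kind if first.match?(re) }
  :unknown
end

# Return the problems that would stop key authentication; an empty list means OK.
def preflight(path)
  full = File.expand_path(path)
  return ["file not found"] unless File.file?(full)
  kind = key_kind(File.binread(full))
  problems = []
  problems << "public key given; pass the matching private key file" if kind == :public_key
  problems << "PuTTY .ppk format; convert to OpenSSH format with PuTTYgen" if kind == :putty_ppk
  problems << "unrecognised key format" if kind == :unknown
  # OpenSSH ignores private keys that group/others can access (POSIX modes only).
  mode = File.stat(full).mode & 0o777
  if kind.to_s.end_with?("_private") && (mode & 0o077) != 0 && !Gem.win_platform?
    problems << format("permissions %04o are too open; use 0600", mode)
  end
  problems
end

# Constructed samples (headers only, no real key material) with their file modes.
SAMPLES = {
  "id_rsa.pub" => ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7 me@laptop\n", 0o644],
  "key.ppk"    => ["PuTTY-User-Key-File-2: ssh-rsa\nEncryption: none\n", 0o600],
  "id_rsa"     => ["-----BEGIN RSA PRIVATE KEY-----\n(constructed)\n", 0o644]
}.freeze

# Write a sample to a temp file with its mode and run the check on it.
def check_sample(name)
  text, mode = SAMPLES.fetch(name)
  Tempfile.create(name) do |f|
    File.write(f.path, text)
    File.chmod(mode, f.path)
    preflight(f.path)
  end
end
SAMPLES.each_key { |name| puts "#{name}: #{check_sample(name).inspect}" }
```

Calling preflight on each path before Net::SSH.start turns the opaque "Could not parse PKey" into a specific reason; an empty list only means the header and permissions look right, not that the key itself parses.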

SSH permission denied (publickey.gssapi-with-mic) windows openssh

I am trying to SSH to my server using a key, but I am getting the error below. I have a Windows machine. Also, I tried the same from Cygwin and it connected!! But I am not able to do it from the command prompt. The error is below.
C:\Users\Rahul\.ssh>ssh username@example.com
Could not create directory '/home/Rahul/.ssh'.
The authenticity of host 'example.com ' can't be established.
RSA key fingerprint is 67:b6:1e:8a:0f:26:db:75:8e:78:af:16:ae:be:49:c2.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/Rahul/.ssh/known_hosts).
###########################################################
# WARNING: UNPROTECTED PRIVATE KEY FILE! #
###########################################################
Permissions 0644 for 'C:/Users/Rahul/.ssh/id_rsa' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: C:/Users/Rahul/.ssh/id_rsa
Enter passphrase for key 'C:/Users/Rahul/.ssh/id_rsa':
Permission denied (publickey,gssapi-with-mic).
I have tried various solutions but have not been able to find one that works. Please help. Thanks in advance.

Unable to connect using PuTTY ssh

I'm on a Windows 7 machine and have installed PuTTY. I'm trying to connect, but the authentication fails because of an incorrect password. But, the VM I'm connecting to doesn't have a password?
Here are the creds I'm trying to use:
Host: 127.0.0.1
Port: 2222
Username: vagrant
Private key: c:/users/<username>/.vagrant.d/insecure_private_key
When I open PuTTY, I put in the above credentials and click open, at which point it ask for the username and I enter 'vagrant', then it asks for the password, but there isn't a password, so I get access denied?
Not sure how to get around this?
Thanks.
The "---Begin RSA PRIVATE KEY ...." key is not of a format that PuTTY uses.
Use the program puttygen.exe (same place where the putty.exe program is) to "Load" the private key.
Select "All Files (*.*)" from the filter to see the file c:/users/.../.vagrant.d/insecure_private_key and open it. It will say that it has successfully imported foreign key....
Then use "Save private key" option to save the loaded key into a *.ppk file.
Then use that ppk file as the key file for "SSH | Auth" in PuTTY
That should work.
I had experienced the opposite: using the putty proprietary .ppk format to configure the "config.ssh.private_key_path" which expects the SSH format.
You can also use puttygen to convert from .ppk format to SSH format.

PuTTY fatal error: "No supported authentication methods available"

PuTTY fatal error:
No supported authentication methods available
When I tried to login into the production server, I am getting above error. Could anyone help me to fix this?
Edit file
sudo vi /etc/ssh/sshd_config
Set PasswordAuthentication yes
Then restart server
sudo service ssh restart
sudo service sshd restart
It worked for me after I did the following steps :
1- Download Puttygen (https://www.puttygen.com/download-putty)
2- Open PUttyGen and then Load the private key from :
C:\Users[username]\Chapter6.vagrant\machines\default\virtualbox
3- save the new private key with a new name.
4- Open Putty, go to Connection > SSH > Auth > and add the new private key
5- Connect now using 127.0.0.1 and 2222
I think your private key file format is not compatible with putty, for putty uses its native format instead.
Detail:http://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter10.html#errors-no-auth
If you are using a cloud service and trying to connect to the server using ssh, then don't log in with the user name ec2-user; the default user name is ubuntu for an ubuntu server.
This error can also be seen if you haven’t selected the .ppk file for the session in Putty: Connection > SSH > Auth
You’re done if you’ve employed PuttyGen to generate the keys. Else import the private key to your .ppk file as others have instructed.
Note on Linux as opposed to Windows, puttygen is accessed only via the command line. Here’s some resources for that:
https://the.earth.li/~sgtatham/putty/0.76/htmldoc/Chapter8.html#pubkey
http://manpages.ubuntu.com/manpages/bionic/man1/puttygen.1.html
https://www.ssh.com/academy/ssh/putty/linux/puttygen
In my case, I updated the Putty application to the latest and issue was solved.
Do you still have access to the server (maybe an open shell?) Check /var/log/messages for more details. This could have something to do with your PAM configuration.
Did you change folder permissions? I ran into this question this week, and I found that the error was caused by my changing the permission of the folder (named ec2-user).
1. Edit the /etc/ssh/sshd_config file.
2. Change PasswordAuthentication and ChallengeResponseAuthentication to yes.
3a. Restart ssh: /etc/init.d/ssh restart.
OR
3b. Better, use service sshd restart
If you've saved your public key on an external drive and it's not connected, putty will throw this error when connecting to your remote server.
Solved via Puttygen
I was on a windows system and it doesn't support direct shell access like linux or macOS.
Download Puttygen.
Load the .pem key to puttygen
Save as Private key
Use this key to login to ec2 instance
P.S : Also if the SSH ask for login/username - enter ubuntu or admin
Download Puttygen
Load the .pem key to puttygen
convert .pem file to .ppk
Save as Private key
Install/Open Putty >> puTTY Configuration >> Auth >> Browse >> path to .ppk file
Use this key to login to ec2 instance (check that IP of remote server is allowed in security group config of EC2 instance)
Username
The usual user names are ec2-user, ubuntu, centos, root, or admin
If that server is in the cloud like AWS, the rookie mistake I did was not realizing that a new Public IPv4 DNS gets used when the instance was off for some time. So, check the new DNS
Today I faced the same problem. So in putty you have to use "user name" of your EC2 instance
to get your "user name" of your EC2 instance
Select EC2 instance
select Connect
Now go to putty use ec2_name@public address
To see your public address
select EC2
under details you will be able to see your public address.
Now try loading your "ppk" file you will be able to log in.
For Digital Ocean, we should enable password authentication first.
The complete instruction is here: https://docs.digitalocean.com/support/i-lost-the-ssh-key-for-my-droplet/#enable-password-authentication
Log in to the Droplet via the Recovery Console
Even though you have a root password for the Droplet, if you try to log in via SSH using that password immediately, you’ll receive a Permission denied (publickey) error. This is because password authentication is still disabled on the Droplet. To fix this, you need to log in via the Recovery Console and update its SSH configuration.
There are detailed instructions on how to connect to Droplets with the
Recovery Console for a more explicit walkthrough, but here’s a brief
summary:
On the Droplet’s detail page, in the same Access tab, click the Launch
Console button.
At the login prompt, enter root as the username.
At the subsequent password prompt, enter the root password you were
sent via email. Most distributions prompt you to enter the password
twice, but some (like Fedora 27) do not.
Enter a new root password to replace the one that was emailed to you,
then enter that same new password again.
You will now be logged in as root in the Recovery Console, which gives
you access to the Droplet’s SSH configuration.
Enable Password Authentication
To enable password authentication on your Droplet, you need to modify a line in its SSH config file, which is /etc/ssh/sshd_config.
Open /etc/ssh/sshd_config using your preferred text editor, like nano
or vim. Find the line that reads PasswordAuthentication no line and
change it to PasswordAuthentication yes, then save and exit the file.
Because the SSH daemon only reads its configuration files when it’s
first starting, you need to restart it for these changes to take
effect. The command to do this depends on your operating system:
Operating System      SSH Restart Command
Ubuntu 14.x           service ssh restart
Ubuntu 15.4 and up    systemctl restart ssh
Debian                systemctl restart ssh
CentOS 6              service sshd restart
CentOS 7              systemctl restart sshd
Fedora                systemctl restart sshd
