Recently, I’ve got a trouble on my Ubuntu openssh-server. I’ve done the command on my notebook
ssh-copy-id user#IP
And I do the things follow on my pc
Sudo vim /etc/ssh/sshd_config
Uncomment the pubkeyauthentication yes
sudo systemctl restart openssh-server
Yet it doesn’t work, I still can’t login automatically without password
So I’m confusing and wondering if I could delete or reset some file so that the system can turn back to some default settings?
Thank you guys for helping me. I’m so frustrated on solving this problem…
I’ve copied my pubkey to my pc and assure the authorized keys file has the pubkey I just send
The troubleshooting parts helps me deal with the problem !
Hope that helps !!
https://help.ubuntu.com/community/SSH/OpenSSH/Keys
Related
I have just upgraded my OSX to Ventura, And it started making my life hell. I have personal git server, usually we create ssh with ssh-keygen command. I created and provided the public to the server without keeping any password, Even I tried with password. But it always keep asking about password and give same error of permission denied. Can anyone have idea how to fix this?. Anyone went through this situation? I even can't get back my OSX version, So i need to find solution here...
Any help would be appreciated. Happy Coding.
After trying many methods, I came around generating the ssh with some other encryption method. like
ssh-keygen -t ecdsa -d 521
And it worked like charm.
In Ventura OSX we need latest encryption method, So ecdsa is new RSA type encryption method that works.
I am trying to use SSH method to clone gitlab project, and I follow the instructions in the website https://docs.gitlab.com/ee/ssh/ but it failed, below is the log that I run the command “ssh -Tvvv git#gitlab.com”, I have tried on several computers but the same problem happened. could anyone help me to figure out the problem, thanks!
enter image description here
Best Regards,
Simon
Make sure to answer yes at the "The authenticity of host 'gitlab.com' can't be established" step.
If you don't, the SSH connection won't complete, and the clone will fail.
That step should be asked only once, meaning your next ssh -Tvvv git#gitlab.com should not ask you again the same question, since ~/.known_hosts will have been updated.
This is safer than StrictHostKeyChecking=no.
I can't figure out why it is taking a long time to ssh into any vm I create on openstack. Once I am finally logged into the vm, things seem to be running just fine and not slow. But When I try to ssh into the vm it takes about 45 seconds to a minute to prompt me for a password to log in. After I type in my password it logs right in with no delay.
I used kolla 5.0.0 to deploy openstack on one control node and one compute node both running Centos 7. Everything seems to work well but the ssh login just takes too long.
I tried changing the option UseDNS to equal "no" in /etc/ssh/sshd_config on the VM cause I have seen this online as a possible "fix" but this did not fix it for me. It still takes a while to log in, however, it does seem to login about 8 or 10 seconds faster with UseDNS set to "no". But waiting 30 plus seconds to login is still not good enough.
Any suggestions on why this could be happening or how I can trouble shoot this?
Slow SSH in not an issue in Kolla. Adding the following in the VM and restarting the SSH service should fix it:
Add UseDNS no to /etc/ssh/sshd_config
Add GSSAPIAuthentication no to /etc/ssh/sshd_config
If SSH login is still slow, try adding GSSAPIAuthentication no in $HOME/.ssh/config on the client side too from where you are SSH'ing from.
Also, SSH response time depends on how far you are SSH'ing from into the VM.
It could still be a DNS related thing. When I'm faced with this, I normally set
GSSAPIAuthentication no
again, in /etc/ssh/sshd_config.
I'm stuck on something quite complicated it seems, but I'm pretty sure I'm not the first one to face this problem, still I can't seem to find someone having the same problem on any forum.
As said in the title I want to make a chroot for users that works with SSH and SFTP. I'm currently stuck with one or the other and that's not ok with me.
Following tutorials, I modified the sshd_config file and added this line as suggested:
ForceCommand internal-sftp
That allows me to connect when using a linux terminal but it's a bit tricky for windows user using putty even if it seems you can use it with psftp. But you can't use all the commands you put inside the jail env.
Does anyone has already figure this one out?
As stated before my chroot is working, so it's not really a configuration issue.
Finally I found a solution reading another tutorial.
If anyone is troubled with this another time, in sshd_config, most tutorial juste leave the subsystem line in the file by default.
To resolve my issue I just did this:
#Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem sftp internal-sftp
That did the work and I can now access my server in SSH and SFTP with the chrooted accounts.
It's always just after you post on a forum that you find a solution.
Have a good day everyone.
I've followed a couple of tutorials for creating an Amazon EC2 instance using the command line tools
http://www.zabada.com/tutorials/deploying-a-rails-application-to-production-on-amazon-ec2.php
http://www.smartfrog.org/wiki/display/sf/Starting+an+EC2+Image+by+Hand
and all is well, i
ec2-add-keypair (directing the output of ec2-add-keypair directly to a file in ~/.ssh)
chmod 600 the keypair
ec2-run-instance
ec2-describe-instances
then, when the new instance is running try to ssh on
ssh -i ~/.ssh/ec2-keypair ec2-user#foo.bar.amazon.com
At this point i'm ALWAYS prompted for a password. Obviously there's no password so it always refuses me access.
My question is, what am i doing wrong here? Why am i being prompted for a password and how can i put this right so i can ssh onto the machine i've just started?
I'm guessing this is something to do with my local setup, but as far as i know this machine hasn't had anything custom done with .ssh (there's certainly no config file or anything like that lying around that might be screwing with things).
Anyone have any ideas or suggestions?
ec2-user# ? Why not root# ?