I tried:
$ ssh root#157.245.238.190
and I receive:
Warning: Permanently added '157.245.238.190' (ECDSA) to the list of known hosts.
Permission denied (publickey).
Why does the connection fails, even though I have added the server fingerprint to the known_hosts file?
While known_hosts might be correctly updated, you sill have to register (add) your public key to ~root/.ssh/authorized_keys on the server side.
If not added, an SSH connection would fail with Permission denied (public key)
Also check how the sshd_config is configured on your droplet.
Note that the recommended SSH session is using a user, not root.
Related
I followed the steps of this doc: https://circleci.com/docs/add-ssh-key#circleci-cloud-or-server-3-x
I generated my key:
ssh-keygen -m PEM -t rsa -C "myname#myemail.com"
I copied the content of .ssh/id_ed25519, went to Project Settings > SSH Keys > Additional SHH Keys, and pasted the content of my Key.
However, when I try to ssh I receive the following error:
ssh -p 54782 x.x.x.130
The authenticity of host '[x.x.x.130]:54782 ([x.x.x.x]:54782)' can't be established.
ED25519 key fingerprint is SHA256:xxx
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[x.x.x.130]:54782' (ED25519) to the list of known hosts.
myname#x.x.x.130: Permission denied (publickey).
I will appreciate your help. Thanks
The instructions you followed are for something else; they are about adding an SSH key to the project in case you need to SSH into remote servers from within a job.
If you want to SSH into your job, you need to add the key you generated on your local machine to your VCS (GitHub or Bitbucket) account.
I accessed my cPanel server via SSH with help of username#host and password.
Generated SSH key (RSA) and added it to my GitLab account.
When I tried cloning it shows me an error, fatal: Could not read from remote repository
I think this is an error from the cPanel side but not able to resolve, help me out
From your CPanel server session, check if your generated key works with:
ssh -Tv git#gitlab.com
If you don't see a Welcome to GitLab, #username! at the end, that means the key is not properly registered.
So basically my setup is that i'm creating an ssh pair on my remote server, then copying the pub key to bitbucket, and my server's authorized_keys file.
I'm still getting permission denied when I run my deploy on Bitbucket.
Any SSH key you use in Pipelines should not have a passphrase.
I'm assuming this has something to do with it, even tho i created the ssh pair with a blank password, my sshd_config file has:
# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no
Should I change this to yes?
Bitbucket's documentation says I should ssh-copy-id -i my_ssh_key user#host, but that doesn't make sense to me since all ssh gen is either happening on the remote or in Bitbucket itself.
Have no idea why this isn't clearer.
Edit: here's the error on the bitbucket build:
+ cat ./deploy.sh | ssh username#remote.com
Pseudo-terminal will not be allocated because stdin is not a terminal.
Warning: Permanently added the RSA host key for IP address ‘XXX.XXX.XX.XX’ to the list of known hosts.
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,password).
Here are some values of my sshd_config:
RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile %h/.ssh/authorized_keys
Ok, got it. For some reason, i had my ssh logic backwards. I re-created the ssh key pair in Bitbucket, added the public key to my remote server's ~/ssh/authorized_keys file, AND ... I assured that the permissions of that file was set to 600. Once I fixed that permission, I had my first successful build. Hope this helps someone.
I am a user on my local machine (clientuser1). I ssh into a AWS instance server (with ip: server-ip) as . I have the public key of clientuser1 uploaded in my permission settings.
I am able to
ssh <server-user1>#<server-ip>
I, then created a user on the instance, and tried ssh'ing into the instance:
ssh <server-user2>#<server-ip>
I got a response:
Permission denied (publickey).
I tried creating a public-private key pair on the on the server and sent the private key of
ssh -i <pvt key of server-user2> <server-user2>#<server-ip>
The answer that worked was
ssh-add <id_rsa>
This added the new key to ssh-agent.
For Googlers:
Other than the common permission-related causes, if the system disk is full, SSH server will also respond "permission denied".
So, I just do trial GCloud service, and try connect via ssh. At the first time I forget my username of my Mac, so I did it wrong by doing this:
doe-MacBook-Pro:Documents does$ ssh -i ~/.ssh/google_compute_engine xxxx#111.111.111.111
Warning: Identity file /Users/does/.ssh/google_compute_engine not accessible: No such file or directory.
The authenticity of host '111.111.111.111 (111.111.111.111)' can't be established.
ECDSA key fingerprint is SHA256:xxxxxxxxxxxxxxxxxxxxxxxx.
Are you sure you want to continue connecting (yes/no)? y
Please type 'yes' or 'no': yes
Warning: Permanently added '111.111.111.111' (ECDSA) to the list of known hosts.
Permission denied (publickey).
then I know my username, I tried:
doe-MacBook-Pro:Documents does$ ssh -i ~/.ssh/google_compute_engine does#111.111.111.111
Warning: Identity file /Users/does/.ssh/google_compute_engine not accessible: No such file or directory.
Permission denied (publickey).
and it gives me error. Can you tell me how can I solve this issue?
This has nothing to do with the ssh username.
Check two things first and we can go from there:
Permission: should be readable by you, i.e., at least 0400.
File: does it exist at all?
Problem SOLVED!
I forget didn't completed my gcloud compute ssh project-name command.
After I finished with the command, it creates file google_compute_engine.
Now I finally can connect to my Google Cloud via SSH.