31342

ssh: Permission denied (publickey,keyboard-interactive)

Question:

I'm using linux system I created a ssh key on local directory $ ssh-keygen -t rsa -f ~/.ssh/id_rsa

and then uploaded the public key to planetLab system

then I tried to log in a PlanetLab node using: ssh -v<br /> the debug information is as follows:

OpenSSH_5.8p2, OpenSSL 1.0.0j-fips 10 May 2012 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to openlab01.pl.sophia.inria.fr [138.96.116.22] port 22. debug1: Connection established. debug1: identity file /user/wgong/home/.ssh/id_rsa type 1 debug1: identity file /user/wgong/home/.ssh/id_rsa-cert type -1 debug1: identity file /user/wgong/home/.ssh/id_dsa type -1 debug1: identity file /user/wgong/home/.ssh/id_dsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.5 debug1: match: OpenSSH_5.5 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.8 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Server host key: RSA 3b:a4:2a:ec:89:d0:7b:d7:b2:08:fe:ca:0d:24:ae:20 debug1: Host 'openlab01.pl.sophia.inria.fr' is known and matches the RSA host key. debug1: Found key in /user/wgong/home/.ssh/known_hosts:10 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Next authentication method: publickey debug1: Offering RSA public key: /user/wgong/home/.ssh/id_rsa debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Trying private key: /user/wgong/home/.ssh/id_dsa debug1: Next authentication method: keyboard-interactive debug1: Authentications that can continue: publickey,keyboard-interactive debug1: No more authentication methods to try. Permission denied (publickey,keyboard-interactive).

how to deal with this problem? thanks!

I notice a problem, previously, our group is tika now it is changed to uslin however, even if I deleted the previous keys and use ssh-keygen to generate new keys, the group is still as below:

-rw------- 1 wgong tika 1766 Mar 6 19:06 id_rsa -rw-r--r-- 1 wgong tika 394 Mar 6 19:06 id_rsa.pub -rw-r--r-- 1 wgong uslin 3987 Mar 6 18:11 known_hosts

is this the problem? how to fix it? thanks!

Answer1:

Make sure your ~/.ssh/authorized_keys file on the server contains your publik key. Also, check this file's permissions - if permissions are too lax, you won't be able to log in:

chmod 600 ~/.ssh/authorized_keys chmod 700 ~/.ssh/ chmod 700 ~

Yes, even your home directory's permissions may make logging in with the key impossible.

Recommend

  • permission denied (public key) error for ssh -vT git@heroku.com
  • Heroku permission denied / unable to connect to heroku api
  • Why do I still have to enter password after I entered ssh-agent and ssh-add?
  • Configure Git With Existing Keys
  • SSH Key ask to enter passphrase after start-agent
  • How do I merge two “lists” in PowerShell when one list might be just one item from Get-Item?
  • Local HTTPS server with SNI
  • response.Error “Forbidden” in IdentityServer3 Flows.ClientCredentials
  • Extract public key from certificate x509
  • Is the result of a RSA encryption guaranteed to be random
  • Pkcs11 - How to add signature to xml file?
  • Add Standalone ASP.Net Application Into Existing ASP.Net Website
  • Getting Error like imap_open(): Couldn't open stream in server
  • Generate valid CMS Signature file adding external PKCS#1 with Java
  • Error : java.security.cert.CertificateException: Illegal given domain name: abc_xyz.stg.myweb.com
  • Same cURL script works in dev. Can't figure out why not in production
  • ERR_SSL_PROTOCOL_ERROR with Heroku, Node, Express, SSL
  • Securing web server against MITM attack in Safari
  • API secured by PKCS#7 cryptographic message
  • Non-wildcard certificates with dynamic apache vhosts
  • WCF error “The X.509 certificate chain building failed” despite trusted root CA
  • Asking SslStream to accept ONLY a certificate signed by a particular public key
  • PHP: Get HTTP Protocol Version (HTTP/1.1 vs HTTP/2)
  • UIImagePickerControllerDelegate Methods Not Called When Delegate Not UIViewController
  • Base64 as method of sanitizing user input for Mysql
  • Command line installation of Code Signing certificates, .p12 files, and mobileprovisions
  • Installing Perl6 and Panda on Ubuntu 15.10. Problems with bootstrap.pl
  • Can my PDF ping my server when it is opened?
  • Android full screen on only one activity?
  • SignalR .NET Client Invoke throws an exception
  • Azure Cloud Service Web Role web pages do not load
  • Accessing IRQ description array within a module and displaying action names
  • coudnt use logback because of log4j
  • How do I configure my settings file to work with unit tests?
  • IndexOutOfRangeException on multidimensional array despite using GetLength check
  • Authorize attributes not working in MVC 4
  • Busy indicator not showing up in wpf window [duplicate]
  • Binding checkboxes to object values in AngularJs
  • Python/Django TangoWithDjango Models and Databases
  • Net Present Value in Excel for Grouped Recurring CF