
SSH connection works for root but not user; fails after "Trying private key"


I'm setting up password-free ssh connection to a debian remote server. I've generated a key on my local machine and placed the key in both /root/.ssh/authorized_keys and /home/user/.ssh/authorized_keys. The permissions are set to 700 for .ssh and 600 for authorized_keys. The user is "root as user" and has sudo privileges.

So I can ssh in directly as root: ssh root@server. Good.

But when I try to ssh in directly as user I see:

```
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to server.xxx [24.11.45.113] port 22.
debug1: Connection established.
...
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.5
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.7p1 Debian-1
debug1: match: OpenSSH_8.7p1 Debian-1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to server.xxx:22 as 'user'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:GALVeyDsqFCWLB/7hh6JWnqt5swCSl3VeYnt0dJ0HzE
debug1: Host 'server.xxx' is known and matches the ECDSA host key.
debug1: Found key in /home/localuser/.ssh/known_hosts:5
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,[email protected],ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected]>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: ED25519 SHA256:YcJ7U0/gHFMRFlLWWpHdMF/6mAt3gmxCML6dAQPAGDw /home/localuser/.ssh/id_ed25519
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/localuser/.ssh/id_rsa
debug1: Trying private key: /home/localuser/.ssh/id_dsa
debug1: Trying private key: /home/localuser/.ssh/id_ecdsa
debug1: Next authentication method: password
[email protected]'s password: 
```

So it skips right to password instead of accepting the private key.

There aren't any errors in `tail /var/log/auth.log`, just the comment

```
Nov  9 12:24:04 server sudo: pam_unix(sudo:session): session opened for user root(uid=0) by user(uid=1003)
```

Any ideas why user (with sudo privileges) can't ssh directly in, but root can with the same key?

Who is the owner of the .ssh directory and the authorized_keys file in the user home directory?
Bret Hess:
root is owner of .ssh directory and the authorized_keys file in the user home directory. The way that the server is set up is "user" has to sudo to create or delete anything.

The permissions of the .ssh directory and the authorized_keys file are good, but the ownership isn't.

The owner must be the user that tries to log in, otherwise sshd can't read those files. Run `chown -R user:user ~user/.ssh` and it should work.

Bret Hess:
I changed the ownership to user, but it didn't help.

Then please edit the output of `ls -la ~user/.ssh` into your question.
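
A way to check everything the answer and its follow-up comment ask about in one pass, as an added example that is not part of the original thread: it reports each path from the home directory down to `authorized_keys` that is missing, not owned by the login user, or writable by group or others (sshd's `StrictModes` also rejects the latter). The function name `audit_ssh_paths` and the script name `audit.sh` are hypothetical, and GNU `stat` is assumed, as on Debian.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes GNU stat, as on Debian.
# audit_ssh_paths UID HOME
#   Reports every path between HOME and authorized_keys that is missing,
#   not owned by UID, or writable by group/others.
#   Returns 0 when nothing is wrong, 1 otherwise.
audit_ssh_paths() {
    want_uid=$1
    home=$2
    rc=0
    for path in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        if [ ! -e "$path" ]; then
            # Also reported when a parent directory cannot be traversed.
            echo "MISSING $path"
            rc=1
            continue
        fi
        uid=$(stat -c '%u' "$path")    # numeric owner
        mode=$(stat -c '%a' "$path")   # octal permission bits
        if [ "$uid" != "$want_uid" ]; then
            echo "OWNER $path uid=$uid expected=$want_uid"
            rc=1
        fi
        # Octal mode: last digit is "other", the one before it is "group".
        # A digit of 2, 3, 6 or 7 has the write bit set.
        case $mode in
            *[2367]?|*[2367])
                echo "MODE $path mode=$mode is group/world-writable"
                rc=1
                ;;
        esac
    done
    return "$rc"
}

# Usage on the server, run with enough privilege to read every path:
#   sudo sh audit.sh "$(id -u user)" /home/user
if [ "$#" -eq 2 ]; then
    audit_ssh_paths "$1" "$2"
fi
```

No output and exit status 0 mean ownership and modes are not the cause, so the next place to look is the server-side sshd log.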