
How to SSH after deleting ~/.ssh folder


I was getting prompted to enter my password instead of authenticating with my SSH key. I thought if I deleted everything in ~/.ssh I would be able to generate a new key from my laptop, manually copy the public key, and use my SFTP client (Transmit) to add to authorized_keys on my server. Unfortunately, that did not work. I'm able to r+w in ~/.ssh, but I'm not able to edit /etc/ssh/sshd_config to enable PasswordAuthentication, through the SFTP client. I tried attaching the server (named "ubuntu") to a display that outputs:

Ubuntu 23.04 ubuntu ttyl ubuntu login:

It outputs incorrectly on everything I've tried. Is this something that can be fixed? Any suggestions would be greatly appreciated.

Link to: /var/log/auth.log https://drive.google.com/file/d/14adetEqSXUmM9-eh5ZSrvQvgP6n3ESYA

Here's the output of `ssh -vvv -i id_rsa caleb@192.168.1.19`: https://drive.google.com/file/d/1Ue1RS0_5JQl6_lnE65mpuscqxWfej16e

```
chrishall in ~/.ssh via ⬢ v19.8.1
➜ ssh -o "IdentitiesOnly=yes" -i id_ed25519 caleb@192.168.1.19
caleb@192.168.1.19: Permission denied (publickey).

chrishall in ~/.ssh via ⬢ v19.8.1
➜ ssh -o "IdentitiesOnly=yes" -i id_rsa caleb@192.168.1.19
caleb@192.168.1.19: Permission denied (publickey).

chrishall in ~/.ssh via ⬢ v19.8.1
➜ ssh -v id_ed25519 caleb@192.168.1.19
OpenSSH_9.0p1, LibreSSL 3.3.6
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: include /etc/ssh/ssh_config.d/* matched no files
debug1: /etc/ssh/ssh_config line 54: Applying options for *
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug1: Connecting to id_ed25519 port 22.
ssh: Could not resolve hostname id_ed25519: nodename nor servname provided, or not known

chrishall in ~/.ssh via ⬢ v19.8.1
➜ ssh -v id_rsa caleb@192.168.1.19
OpenSSH_9.0p1, LibreSSL 3.3.6
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: include /etc/ssh/ssh_config.d/* matched no files
debug1: /etc/ssh/ssh_config line 54: Applying options for *
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug1: Connecting to id_rsa port 22.
ssh: Could not resolve hostname id_rsa: nodename nor servname provided, or not known
```
If you can r+w in ~/.ssh, can't you just create a new ~/.ssh/authorized_keys file containing the new public key? Why do you need to edit /etc/ssh/sshd_config?
Chris:
I did, but the server doesn't seem to recognize the change. Since I'm not able to use a terminal, I'm not able to run `sudo systemctl restart ssh`. I tried to restart the server, with no result.
The new key should be recognized without restarting the server - the usual "gotcha" is overly permissive permissions on the file and/or ~/.ssh directory - at a minimum, they must not be writable by anyone other than the owner (I suggest 600 and 700 respectively)
Chris:
Those are the permissions on both my local computer and server. I tried adding another key, but both are still being denied because of the /etc/ssh/sshd_config file on my server. I added a few commands above that might help.
waltinator:
Read `man ssh`. It will explain the required permission for `~/.ssh/`, and will explain what you lost when you "deleted everything in `~/.ssh`". I think you've lost all `ssh`, `sftp` access to this system, for this userid. Can you connect a USB (or not) keyboard and mouse (along with your display)? Use a powered USB Hub. Login, fix the permission on `~/.ssh/`, run `ssh-keygen`, and fix the errors. Read `man ssh-keygen`. For next time, read `man ssh-copy-id`. For completeness, read `man -k ssh`.
mpboden:
Can you log in to the server directly? If so, you should be able to edit `/etc/ssh/sshd_config` and set `PasswordAuthentication yes`. That way, you can at least log in with a password. Are you appending your public key to `~/.ssh/authorized_keys` on the server? Next, I think @steeldriver is correct about incorrect permissions. On the server, `~/.ssh/` should be 700 & `~/.ssh/authorized_keys` should be 600. On local, `~/.ssh/` should be 700 & your private key should be 600. Next, ensure `~/.ssh/` & `~/.ssh/authorized_keys` on the server are owned by the user you're logging in with.
Chris:
@mpboden When I connect a display, keyboard, and mouse to try and connect directly, the prompt says `Ubuntu 23.04 ubuntu ttyl ubuntu login:` and outputs `Login incorrect` for any username I enter. `~/.ssh/` is 700, `~/.ssh/authorized_keys` and private keys are 600, public keys are 644 on local and server owned by my username. Any idea why it's rejecting my username when I'm connected directly?
mpboden:
I’d start here: [How do I reset a lost administrative password?](https://askubuntu.com/a/24024/1684306)
Chris:
That gave me the idea to boot to recovery mode, enter root shell, and from there, I was able to edit the sshd_config file. Thanks for everyone's help!
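
The ownership and mode conditions named in the comments above (`~/.ssh/` at 700, `authorized_keys` at 600, both owned by the login user) can be checked in one pass on the server, for instance from the recovery root shell. This is an added example, not part of the original thread; the function names `check_path` and `audit_ssh_dir` are hypothetical. It flags what sshd's `StrictModes` setting objects to: a home directory, `~/.ssh` or `authorized_keys` that is missing, owned by someone other than the user or root, or writable by group or other.

```shell
#!/bin/sh
# Added example (not from the thread): audit the paths checked for key login.

# check_path PATH UID: report if PATH is missing, not owned by UID or root,
# or writable by group/other. Returns 0 when clean, 1 otherwise.
check_path() {
    path=$1
    want_uid=$2
    bad=0
    if [ ! -e "$path" ]; then
        echo "MISSING        $path"
        return 1
    fi
    # ls -ldn prints the mode string in field 1 and the numeric owner in field 3.
    set -- $(ls -ldn "$path")
    mode=$1
    owner=$3
    if [ "$owner" != "$want_uid" ] && [ "$owner" != 0 ]; then
        echo "WRONG OWNER    $path (uid $owner, expected $want_uid)"
        bad=1
    fi
    # Characters 6 and 9 of the mode string are the group and other write bits.
    gw=$(printf '%s' "$mode" | cut -c6)
    ow=$(printf '%s' "$mode" | cut -c9)
    if [ "$gw" = w ] || [ "$ow" = w ]; then
        echo "TOO PERMISSIVE $path ($mode)"
        bad=1
    fi
    return $bad
}

# audit_ssh_dir HOME UID: check the home directory, ~/.ssh and authorized_keys.
audit_ssh_dir() {
    home=$1
    uid=$2
    rc=0
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        check_path "$p" "$uid" || rc=1
    done
    return $rc
}

# Run only when arguments are given, e.g.: sh audit.sh /home/caleb "$(id -u caleb)"
if [ $# -eq 2 ]; then
    audit_ssh_dir "$1" "$2" && echo "OK: ownership and modes are acceptable"
fi
```

A clean result here rules out permissions as the cause, which leaves the server's `sshd_config` and the contents of `authorized_keys` itself to examine.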