Join Log in
Score:1
gonzalez.ivan90 avatar Ubuntu

Server refused our key - No supported authentication methods available (server sent: publickey) - Permission denied (publickey): Ubuntu server

gr flag
gonzalez.ivan90

I have an AWS EC2 instance running. I was able to connect using my chomed (-r--------) keys using MobaXTerm and SSH (Ubuntu for Windows) (.pem key) and putty (.ppk key). I'm also working on the server using a IDL (Rstudio server), so the instance is running. At some point I couldn't connect again using Moba+Ssh+Putty, without making any change in keys or internal config commands on the instance.

These are the connection errors I got from those software (again, changing anyhong):

  • MobaXterm: Server refused our key --- No supported authentication methods available (server sent: publickey)
  • Putty: Server refused our key --- No supported authentication methods available (server sent: publickey)
  • ssh: Permission denied (publickey).

I saw some posts but they require to be connected to the server in order to modify files/permissions from inside. I can access some system files with the IDL (Rstudio) but as a particular user, not root.

Any ideas?

EDIT: Following @Jos suggestion, I used the -vv parameter. Here the answer

`

~$: ssh -vv -i "key.pem" [email protected]
OpenSSH_8.2p1 Ubuntu-4ubuntu0.4, OpenSSL 1.1.1f  31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolving "ec2-ip.us-east-2.compute.amazonaws.com" port 22
debug2: ssh_connect_direct
debug1: Connecting to ec2-ip.us-east-2.compute.amazonaws.com [ip] port 22.
debug1: Connection established.
debug1: identity file key.pem type -1
debug1: identity file key.pem-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.9p1 Ubuntu-3ubuntu0.3
debug1: match: OpenSSH_8.9p1 Ubuntu-3ubuntu0.3 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to ec2-ip.us-east-2.compute.amazonaws.com:22 as 'ubuntu'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
debug2: host key algorithms: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ssh-ed25519,[email protected],rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,[email protected],zlib
debug2: compression stoc: none,[email protected],zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,[email protected],diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,[email protected]
debug2: compression stoc: none,[email protected]
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:5dFj4Av5Ln0oYtTRBYdcFKPe3hlTb5Fr9Q4Iok056UM
debug1: Host 'ec2-ip.us-east-2.compute.amazonaws.com' is known and matches the ECDSA host key.
debug1: Found key in /home/user/.ssh/known_hosts:7
debug2: set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: key.pem  explicit
debug2: pubkey_prepare: done
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,[email protected],ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected]>
debug1: kex_input_ext_info: [email protected] (unrecognised)
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: key.pem
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
[email protected]: Permission denied (publickey).`
148
1 + 3
ssh
uz flag
Jos
Please try to login with `ssh -vv` and note the more verbose error messages that you get. Then edit your question and add the messages.
0
Reply
waltinator avatar
it flag
waltinator
Your `ssh` command (client) tells the `sshd` server "I can do these authentication methods (here's a list)". The `sshd` server has a list of authentication methods, and compares lists. In your case, there is no authentication method they have in common. Can be fixed on client or werver. `ssh -v ...` is enough to show you the two lists. Read `man ssh sshd ssh_config sshd_config`.
2
Reply
waltinator avatar
it flag
waltinator
@Jos `ssh -v` is enough verbosity to show the server and client auth lists. `ssh -vv` risks burying oneself in useless verbage, and don't even get me started on `ssh -vvv ...`.
0
Reply
Score:0
gonzalez.ivan90 avatar Ubuntu
gr flag
gonzalez.ivan90

After some time I realized:

  • I changed my home (ubuntu user) by executing: sudo chown -R shiny:shiny /home/ubuntu in order to get writing permissions.

  • I could access my machine by using root user in Mobaxterm or ssh: ssh -vv -i "key.pem" [email protected]

  • Then changed again my ubuntu user home ownership: sudo chown -R ubuntu:ubuntu /home/ubuntu

+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.