Question

18

How to fix Permission Denied (Public key) error?

rated 0 times [ 18] [ 0] / answers: 1 / hits: 210572 / 1 Year ago, mon, november 21, 2022, 7:17:16

While trying to communicate between my desktop Ubuntu 12.10 and Fedora 19 desktop, I am facing the error of Permission Denied (Public key).

I am able to login through ssh from fedora to Ubuntu, but not vice-versa.

I even performed telnet on both machines via port 22 and both machines are listening, but not through ssh. What to do? Any idea?

My sshd_config file is as follows:

# Package generated configuration file

# See the sshd_config(5) manpage for details



# What ports, IPs and protocols we listen for

Port 22

# Use these options to restrict which interfaces/protocols sshd will bind to

#ListenAddress ::

#ListenAddress 0.0.0.0

Protocol 2

# HostKeys for protocol version 2

HostKey /etc/ssh/ssh_host_rsa_key

HostKey /etc/ssh/ssh_host_dsa_key

HostKey /etc/ssh/ssh_host_ecdsa_key

#Privilege Separation is turned on for security

UsePrivilegeSeparation yes



# Lifetime and size of ephemeral version 1 server key

KeyRegenerationInterval 3600

ServerKeyBits 768



# Logging

SyslogFacility AUTH

LogLevel INFO



# Authentication:

LoginGraceTime 120

PermitRootLogin yes

StrictModes yes



RSAAuthentication yes

PubkeyAuthentication yes

#AuthorizedKeysFile    %h/.ssh/authorized_keys



# Don't read the user's ~/.rhosts and ~/.shosts files

IgnoreRhosts yes

# For this to work you will also need host keys in /etc/ssh_known_hosts

RhostsRSAAuthentication no

# similar for protocol version 2

HostbasedAuthentication no

# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication

#IgnoreUserKnownHosts yes



# To enable empty passwords, change to yes (NOT RECOMMENDED)

PermitEmptyPasswords no



# Change to yes to enable challenge-response passwords (beware issues with

# some PAM modules and threads)

ChallengeResponseAuthentication no



# Change to no to disable tunnelled clear text passwords

PasswordAuthentication yes



# Kerberos options

#KerberosAuthentication no

#KerberosGetAFSToken no

#KerberosOrLocalPasswd yes

#KerberosTicketCleanup yes



# GSSAPI options

GSSAPIAuthentication no

GSSAPICleanupCredentials yes



X11Forwarding yes

X11DisplayOffset 10

PrintMotd no

PrintLastLog yes

TCPKeepAlive yes

#UseLogin no



#MaxStartups 10:30:60

#Banner /etc/issue.net



# Allow client to pass locale environment variables

AcceptEnv LANG LC_*



Subsystem sftp /usr/lib/openssh/sftp-server



# Set this to 'yes' to enable PAM authentication, account processing,

# and session processing. If this is enabled, PAM authentication will

# be allowed through the ChallengeResponseAuthentication and

# PasswordAuthentication.  Depending on your PAM configuration,

# PAM authentication via ChallengeResponseAuthentication may bypass

# the setting of "PermitRootLogin without-password".

# If you just want the PAM account and session checks to run without

# PAM authentication, then enable this but set PasswordAuthentication

# and ChallengeResponseAuthentication to 'no'.

UsePAM yes

This is sshd_config of ubuntu system.

ssh -v fedora_machine

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

rieency

Add To Favorites

Follow

Total Points: 299

Total Questions: 116

Total Answers: 111

Location: Wales

Member since Tue, Dec 14, 2021

2 Years ago

answered 1 Year ago afyess · Accepted Answer

As you have noted, the Fedora box you are logging in to was not set up to allow password authentication, only public key authentication - this can be seen from the ssh -v result.

So one solution is to add password authentication, as you have done.

The other method would be to take the contents of ~/.ssh/id_rsa.pub on the Ubuntu box and add it to the file ~/.ssh/authorized_keys on the Fedora box.

Now that you have password authentication enabled, you can install the authorized key with this command on the Ubuntu box:

$ ssh-copy-id fedora_box