ssh - permission denied (publickey)

    • OMV 4.x
    • Resolved

    This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

    • ssh - permission denied (publickey)

      Hi,

      This is my first post on this forum. Thanks to all for your contributions !

      I have installed omv4 on a HC2 (installed from the omv image on sourceforge) and I would try to connect to it by using SSH with a public key authentication. For that, I have followed this guide.

      The following SSH configuration were done
      • Disable the root login
      • Disable password authentication
      • Enable public key authentication (PKA)
      • Enable compression
      • Enable tunneling
      I created a new user (omvuser1) with both sudo and ssh group and I ran the following commands

      ssh-keygen -f ~/.ssh/sshacess/sshremote -t rsa

      ssh-keygen -e -f ~/.ssh/sshacess/sshremote.pub

      with a copy/paste the output to

      Access Right Management | Users | <USERNAME> | Edit | Public Keys

      My config file (~/.ssh/config) looks like

      Source Code

      1. Host omv.workgroup
      2. Hostname 192.168.1.168
      3. User omvuser1
      4. Compression yes
      5. Port 56236
      6. IdentityFile ~/.ssh/sshaccess/
      To connect via SSH, I use the command below

      ssh -p 56236 -i ~/.ssh/sshacess omvuser1@192.168.1.168

      Unfortunately, I have this message

      "Load key "/home/omvuser1/.ssh/sshacess": Is a directory
      omvuser1@192.168.1.168: Permission denied (publickey)."


      To debug, I used the command ssh -vvv -p 56236 -i ~/.ssh/sshacess omvuser1@192.168.1.168, the result is below:

      Source Code

      1. OpenSSH_7.9p1, OpenSSL 1.1.1b 26 Feb 2019
      2. debug1: Reading configuration data /home/omvuser1/.ssh/config
      3. debug1: Reading configuration data /etc/ssh/ssh_config
      4. debug2: resolve_canonicalize: hostname 192.168.1.168 is address
      5. debug2: ssh_connect_direct
      6. debug1: Connecting to 192.168.1.168 [192.168.1.168] port 56236.
      7. debug1: Connection established.
      8. debug1: identity file /home/omvuser1/.ssh/sshacess type -1
      9. debug1: identity file /home/omvuser1/.ssh/sshacess-cert type -1
      10. debug1: Local version string SSH-2.0-OpenSSH_7.9
      11. debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4p1 Debian-10+deb9u6
      12. debug1: match: OpenSSH_7.4p1 Debian-10+deb9u6 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002
      13. debug2: fd 3 setting O_NONBLOCK
      14. debug1: Authenticating to 192.168.1.168:56236 as 'omvuser1'
      15. debug3: put_host_port: [192.168.1.168]:56236
      16. debug3: hostkeys_foreach: reading file "/home/omvuser1/.ssh/known_hosts"
      17. debug3: record_hostkey: found key type ECDSA in file /home/omvuser1/.ssh/known_hosts:1
      18. debug3: load_hostkeys: loaded 1 keys from [192.168.1.168]:56236
      19. debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
      20. debug3: send packet: type 20
      21. debug1: SSH2_MSG_KEXINIT sent
      22. debug3: receive packet: type 20
      23. debug1: SSH2_MSG_KEXINIT received
      24. debug2: local client KEXINIT proposal
      25. debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
      26. debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
      27. debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
      28. debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
      29. debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
      30. debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
      31. debug2: compression ctos: none,zlib@openssh.com,zlib
      32. debug2: compression stoc: none,zlib@openssh.com,zlib
      33. debug2: languages ctos:
      34. debug2: languages stoc:
      35. debug2: first_kex_follows 0
      36. debug2: reserved 0
      37. debug2: peer server KEXINIT proposal
      38. debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
      39. debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
      40. debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
      41. debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
      42. debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
      43. debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
      44. debug2: compression ctos: none,zlib@openssh.com
      45. debug2: compression stoc: none,zlib@openssh.com
      46. debug2: languages ctos:
      47. debug2: languages stoc:
      48. debug2: first_kex_follows 0
      49. debug2: reserved 0
      50. debug1: kex: algorithm: curve25519-sha256
      51. debug1: kex: host key algorithm: ecdsa-sha2-nistp256
      52. debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
      53. debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
      54. debug3: send packet: type 30
      55. debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
      56. debug3: receive packet: type 31
      57. debug1: Server host key: ecdsa-sha2-nistp256 SHA256:OGFK9K9cX1F5jXOstN2T1WkTqY25DCdtSD5mhvsoHzo
      58. debug3: put_host_port: [192.168.1.168]:56236
      59. debug3: put_host_port: [192.168.1.168]:56236
      60. debug3: hostkeys_foreach: reading file "/home/omvuser1/.ssh/known_hosts"
      61. debug3: record_hostkey: found key type ECDSA in file /home/omvuser1/.ssh/known_hosts:1
      62. debug3: load_hostkeys: loaded 1 keys from [192.168.1.168]:56236
      63. debug3: hostkeys_foreach: reading file "/home/omvuser1/.ssh/known_hosts"
      64. debug3: record_hostkey: found key type ECDSA in file /home/omvuser1/.ssh/known_hosts:1
      65. debug3: load_hostkeys: loaded 1 keys from [192.168.1.168]:56236
      66. debug1: Host '[192.168.1.168]:56236' is known and matches the ECDSA host key.
      67. debug1: Found key in /home/omvuser1/.ssh/known_hosts:1
      68. debug3: send packet: type 21
      69. debug2: set_newkeys: mode 1
      70. debug1: rekey after 134217728 blocks
      71. debug1: SSH2_MSG_NEWKEYS sent
      72. debug1: expecting SSH2_MSG_NEWKEYS
      73. debug3: receive packet: type 21
      74. debug1: SSH2_MSG_NEWKEYS received
      75. debug2: set_newkeys: mode 0
      76. debug1: rekey after 134217728 blocks
      77. debug1: Will attempt key: /home/omvuser1/.ssh/sshacess explicit
      78. debug2: pubkey_prepare: done
      79. debug3: send packet: type 5
      80. debug3: receive packet: type 7
      81. debug1: SSH2_MSG_EXT_INFO received
      82. debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
      83. debug3: receive packet: type 6
      84. debug2: service_accept: ssh-userauth
      85. debug1: SSH2_MSG_SERVICE_ACCEPT received
      86. debug3: send packet: type 50
      87. debug3: receive packet: type 51
      88. debug1: Authentications that can continue: publickey
      89. debug3: start over, passed a different list publickey
      90. debug3: preferred publickey,keyboard-interactive,password
      91. debug3: authmethod_lookup publickey
      92. debug3: remaining preferred: keyboard-interactive,password
      93. debug3: authmethod_is_enabled publickey
      94. debug1: Next authentication method: publickey
      95. debug1: Trying private key: /home/omvuser1/.ssh/sshacess
      96. Load key "/home/omvuser1/.ssh/sshacess": Is a directory
      97. debug2: we did not send a packet, disable method
      98. debug1: No more authentication methods to try.
      99. omvuser1@192.168.1.168: Permission denied (publickey).
      Display All

      I hope someone could help me !
      Thanks in advance !

      Kind regards
      stblaise