Second user2 not able to Deny SSH ermission denied (publickey,gssapi-keyex,gssapi-with-mic).

[taker18]

I have a second user who is not able to SSH

ermission denied (publickey,gssapi-keyex,gssapi-with-mic).
after diable the password for this use and upload the Public key still not able to SSH

However I am able to SSH normally with public-private key with the first user1

I made sure that public key is already there on the user2 "nano ~/.ssh/authorized_keys"
Any idea how I fix this
Thank you

 

[marson]

Check permissions and ovnership - as root try to execute following commands:

chown -R user2:user2 /home/user2/.ssh
chmod 700 /home/user2/.ssh
chmod 600 /home/user2/.ssh/authorized_keys

 

[taker18]

Exactly this is the solution Thank you @marson

I take it back By mistake I was using different user, so the answer no not working, I am sorry

 

[taker18]

I am able to SSH with the password, but not with Public and Private SSH

 

[Richard G]

Then something might be wrong with the key or something like that.

Did you give the user SSH permission via directadmin or only manually?

 

[taker18]

Then something might be wrong with the key or something like that.

Did you give the user SSH permission via directadmin or only manually?

good question, that when the trouble started: my user 2 is the laptop so far so good, but when I am trying to send the public key with the command " scp ~/.ssh/id_rsa.pub laptop@ip:~/.ssh/authorized_keys" always has issue with the port 22 even while the port 22 is working and open no issue.
so I ended up adding the public key manually; by the way, this is not the first time it has happened to me, but I just gave up investigating more.

ok I figured out what caused the issue but not the solution -----> My terminal at the local laptop keeps using the default public key id_rsa.pub
which I use to ssh to another server and still using it and able to ssh with no issue. BUT
BUT I created new public key with the new name "user2" and now my local ~.ssh has 2 keys. so my laptop is not able to use user2.pub key and keep using the default id_rsa.pub. How did i know that? well I tested it
I manually add my default id_rsa.pub key to the new server ~.ssh authorized_key file on remote server, and I was able SSH successfully and it work.

But as you see my goal is not to use the same key with every single server. how can i make my laptop read this key for a particular server.
so for lengthy writing

 

[Richard G]

how can i make my laptop read this key for a particular server.
so for lengthy writing

Ah oke I see what you mean.
Just FYI the way I do it is using the same SSK key for every server used for hosting. My SSH key has a password on it as you know. So even if one key get's stolen, they can't do anything with it and before they are able to hack it, I already can create a new one.
So always use a password on the SSH key just to be sure.

Then for a few other servers for a friend, non-hosting, I use another SSH key.

I don't know what program you use, but you should be able to choose which server uses which SSH key.
Personally I use the program SecureCRT for all my servers. It's a great program. However, it's not cheap, but works great and support is also great, even if your updates are expired. I'm still working with an older version.
With that I can easily choose with every server, which key exchange to use (aes, diffy-hellman, which authentication method, terminal options and a whole lot more.

Most likely some of the free program's can do this too. Putty can't do this as nice. Maybe Bitvise (free) can and there is another putty version, I forgot the name but @ericosman can tell you the name of that Putty version (not extra putty).

 

[taker18]

.
Most likely some of the free program's can do this too. Putty can't do this as nice. Maybe Bitvise (free) can and there is another putty version, I forgot the name but @ericosman can tell you the name of that Putty version (not extra putty).

I think Putty for windows, I am using mac Terminal, if @ericosman can tell us would be great

 

[taker18]

Here is the solution: we need to specify which key I am going to use which need to include that on SSH


ssh -i ~/.ssh/user2 [email protected] -p ????
than get prompted to the SSH key passphrase on the local machine.
here we go using the SSH public-private key with different keys on the local machine.
sounds like a lot of work I hope for something simpler

 

[taker18]

for the record:
an easy and simpler way to add spicfy a particulate key on your local machine while at the same time using different key for each server

Create a config file to control which key to be used on which server

nano ~/.ssh/config

Then edit this way below:

Host potato2 (anything word you like)

Hostname server.domain.com or IP
User admin1
Port ???
IdentityFile ~/.ssh/privatekey1

Host Superman

Hostname server.domain.com or IP
User admin 2
Port ????
IdentityFile ~/.ssh/id_rsa

Testing Time to SSH

$ SSH potato2

password prompted for the SSH key now you are in

$ SSH Superadmin

enter the SSH key password, and you are in

 

[ericosman]

termius for mac is pretty nice )

 

[floyd]

termius for mac is pretty nice )

Also works with Windows, Linux, iPhone, Android and syncs all devices.