SSH Keys question
- Thread starter MiloW
- Start date
Richard G
Verified User
Depends on what you want a key for.
I generate a key and then I put the pub key in /root/.ssh/authorized_keys file via SSH.
I generate a key and then I put the pub key in /root/.ssh/authorized_keys file via SSH.
Richard G
Verified User
You have to login as root via SSH. Credentials to login should be present for your server or VPS.
Some systems have root login disabled by default. In that case you login via SSH, then change via
Don't use the DA stuff to create your keyfile, use the one from putty.
I don't know in how for this is known stuff for you, but otherwise you have to point to me where exactly it goes wrong.
Are you able to login as root via SSH?
Why can't your get to /root/.ssh is it non existing or is there another issue and if yes, what?
Also I've seen lately a VPS which didn't even have a .ssh directory in the /root/ directory. In that case you have to create it yourself.
After that you can create the authorized_keys file in the .ssh directory and chmod the file to 600.
Some systems have root login disabled by default. In that case you login via SSH, then change via
su - to root and enter your root credentials.Don't use the DA stuff to create your keyfile, use the one from putty.
I don't know in how for this is known stuff for you, but otherwise you have to point to me where exactly it goes wrong.
Are you able to login as root via SSH?
Why can't your get to /root/.ssh is it non existing or is there another issue and if yes, what?
Also I've seen lately a VPS which didn't even have a .ssh directory in the /root/ directory. In that case you have to create it yourself.
Code:
cd /root
mkdir .ssh
chown 700 .ssh -R
MiloW
New member
- Joined
- Jan 6, 2024
- Messages
- 23
I am able to log in via root, generally I am able to get myself around ssh... strangely, I don't have .ssh (Debian)...
I thought this would be there anyway.
I have a problem with unix systems that solutions are like:
"go to /etc/something/blahblah/something.conf and in line 34 change from netasfox=214 to netasfox=" and read it in file /usr/blahblah.conf in line 45" and then it turns out there is no line 34 in something.conf or netasfox is netbxfox and not netasfox or there is no /usr/blahblah.conf file... this infuriates me...
I thought this would be there anyway.
I have a problem with unix systems that solutions are like:
"go to /etc/something/blahblah/something.conf and in line 34 change from netasfox=214 to netasfox=" and read it in file /usr/blahblah.conf in line 45" and then it turns out there is no line 34 in something.conf or netasfox is netbxfox and not netasfox or there is no /usr/blahblah.conf file... this infuriates me...
Richard G
Verified User
Normally yes, but not always, sometimes if Openssl is installed it's not created. I've encountered this issue also on a Debian 11 VPS little while ago.
I don't know anything abot netasfox or something. I do know that Debian can use apparmor, but I don't need if any change or update is required to use the SSH key.
I wonder why it's refusing your SSH key because I presume Openssl is installed.
Indeed normally Putty has widely known format.
Check your /etc/ssh/sshd_config for the line:
AuthorizedKeysFile .ssh/authorized_keysand check if it's not commented. If it's commented, remove the comment and restart SSH.
Also check your /var/log/auth.log or secure.log to see the reason for refusing your key.
Also be sure that your key is 1 line without spaces or anything. This is the reason I always put in my key with VI instead of nano.
Maybe this will help too.
Trying to do ssh authentication with key files: server refused our key
I'm trying to setup ssh authentication with key files in stead of username/password. The client is a Windows box running PuTTY and the server is a Ubuntu 12.04 LTS server. I downloaded puttygen.exe...
askubuntu.com
Richard G
Verified User
Hmmz... and you're sure openssl is installed too correctly? And you're logged in as full root?
I don't think it's an image question, because the image only installs the OS and then it's up to the OS to decide what's possible and what not.
I don't know which kind of key you generated. I use SecureCRT, however that's a paid application, and imho it's worth it's costs but I had to change keys some time ago too. It required another kind of keypair. Maybe that is the cause.
Maybe try using a RSA 2048 or ECDSA 2048 keypair and see if that works.
Otherwise I'm prepared to have a short look for you (for free) and test if some keypair of mine will work, however that would mean I have to login to your server, not everybody is prepared to have this done. If yes you can contact me by pm.
I don't think it's an image question, because the image only installs the OS and then it's up to the OS to decide what's possible and what not.
I don't know which kind of key you generated. I use SecureCRT, however that's a paid application, and imho it's worth it's costs but I had to change keys some time ago too. It required another kind of keypair. Maybe that is the cause.
Maybe try using a RSA 2048 or ECDSA 2048 keypair and see if that works.
Otherwise I'm prepared to have a short look for you (for free) and test if some keypair of mine will work, however that would mean I have to login to your server, not everybody is prepared to have this done. If yes you can contact me by pm.