Post a reply

Before posting, please read how to report bug or request support effectively.

Bug reports without an attached log file are usually useless.

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

martin

Can you authenticate using server1.key (or its .ppk equivalent) using any SSH/SFTP client on that Windows machine?
WhiteTiger-IT

martin wrote:

How do you authenticate "from the linux terminal"?

Simply by using ssh
I created a config file with the indications of the various servers and where the private key is located on my PC, then I type ssh Host-Name
For example (in this Host-Name=server1):
Host server1

     HostName 192.168.100.100
     User user1
     IdentityFile ~/.ssh/server1.key


In this way, with ssh server1 first I have to type the key password; then I have to type the password of user1; then, if I need it, I type su - and I have to type the password for the root.
Obviously without any error.

Instead, if I connect to the same server from putty (using the ppk key), it first gives me an error Server refused our key, then immediately asks me for the password of user1.
martin

Re: Key is correct, but refused

How do you authenticate "from the linux terminal"?
WhiteTiger-IT

Key is correct, but refused

I generated an SSH key with PuTTYGen.
I copied authorized_keys to the debian server and the private .ppk key to the PC.
If from the linux terminal I launch an SSH session I can connect without errors.
If instead I try to connect from PuTTY (both from Win10 and Linux) I get the error Server refused our key.
I have tried several times, even generating different keys, with length 2048 and 4096.
I don't understand where I'm wrong.
Until I am sure that the key is always accepted, I obviously cannot block access with passwords.

This is the log of the last session.
PuTTY didn't accept the key, but he accepted the user's login.
2020-06-18 10:51:53   Looking up host "192.168.201.11" for SSH connection

2020-06-18 10:51:53   Connecting to 192.168.201.11 port 1022
2020-06-18 10:51:53   We claim version: SSH-2.0-PuTTY_Release_0.73
2020-06-18 10:51:53   Remote version: SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2
2020-06-18 10:51:53   Using SSH protocol version 2
2020-06-18 10:51:53   No GSSAPI security context available
2020-06-18 10:51:53   Doing ECDH key exchange with curve Curve25519 and hash SHA-256 (unaccelerated)
2020-06-18 10:51:53   Server also has ecdsa-sha2-nistp256/ssh-rsa host keys, but we don't know any of them
2020-06-18 10:51:53   Host key fingerprint is:
2020-06-18 10:51:53   ssh-ed25519 255 d8:8f:87:27:ca:87:01:86:20:6e:9e:a0:14:b7:d4:21
2020-06-18 10:51:53   Initialised AES-256 SDCTR (unaccelerated) outbound encryption
2020-06-18 10:51:53   Initialised HMAC-SHA-256 (unaccelerated) outbound MAC algorithm
2020-06-18 10:51:53   Initialised AES-256 SDCTR (unaccelerated) inbound encryption
2020-06-18 10:51:53   Initialised HMAC-SHA-256 (unaccelerated) inbound MAC algorithm
2020-06-18 10:51:53   Reading key file "L:\Chiavi-SSH\LS-ULHQ-1-PuTTY-Private-Key.ppk"
2020-06-18 10:51:53   Writing new session log (raw mode) to file: putty.log
2020-06-18 10:52:04   Offered public key
2020-06-18 10:52:04   Server refused our key
2020-06-18 10:52:04   Attempting keyboard-interactive authentication
2020-06-18 10:52:18   Access granted
2020-06-18 10:52:18   Opening main session channel
2020-06-18 10:52:18   Opened main channel
2020-06-18 10:52:18   Allocated pty
2020-06-18 10:52:18   Started a shell/command


This is the sshd-config
Port 1022

ListenAddress 0.0.0.0
PermitRootLogin no
PubkeyAuthentication yes
AuthorizedKeysFile   .ssh/authorized_keys .ssh/authorized_keys2
PasswordAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication yes
UsePAM yes
X11Forwarding yes
PrintMotd no
AcceptEnv LANG LC_*
Subsystem   sftp   /usr/lib/openssh/sftp-server