One of the things on my to do was to move away from plain text authentication on this website’s server.
2 advantages to this:
- Rsync-ing files is easy - I don’t have to type in password.
- It is more secure.
To disable plain text password, edit /etc/ssh/sshd_config/ and set PasswordAuthentication no.
I was prompted user@server_ip: Permission denied (publickey). despite having the public key in the authorized_keys file.
SSH-ing using password was working though. Every time I sat to figure this out I quickly gave up because I couldn’t spot anything obvious.
Today I finally perserved on this by not doing “samething over and over and expecting different results”. Rather turned on my developer-debugger hat.
First of starting from the first.
- I deleted the
authorized_keysfile and recreated it. - Ran the
ssh-copy-idand ensured that I copied the right public key file.
But that didn’t work.
Next I set the debug flag to see if that would lead me on the right path
ssh user@server-ip -vvvv
Alas that too was a dead end!
Reading more on SO, I checked to see if ~/.ssh and ~/.ssh/authorized_keys had the right permissions.
And it did!
Onething I overlooked was the home folder itself.
There were 2 issues one was that I did something and the home folder for the user wasn’t owned by that user Strange right? /Abhinav is wondering what was I thinking or why did I do this? Next was the permission, I read in a SO post that this is the right permissions for the folders
/home/user -> 700
/home/user/.ssh -> 600/644
/home/user/.ssh/authorize_keys -> 600/644This fixed the issue for me.