10

I'm trying to connect to a remote SSH server using a private key at ~/.ssh/id_rsa. When I ssh -v to the server I get the following:

...
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/martin/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Offering RSA public key: martin@martin
debug1: Authentications that can continue: publickey
debug1: Trying private key: /home/martin/.ssh/id_dsa
debug1: Trying private key: /home/martin/.ssh/id_ecdsa
debug1: Trying private key: /home/martin/.ssh/id_ed25519
debug1: No more authentication methods to try.
Permission denied (publickey).

Looking at the output, it seems like it's not even trying my private key. I've tried editing ~/.ssh/config, using the -i option, adding the key via ssh-add, and nothing's working.

I'm positive that the public key is properly installed at the remote server. Anyone can help me?

Edit:

martin@martin:~/.ssh$ ls -la
total 20
drwx------  2 martin martin 4096 feb 26 09:44 .
drwxr-xr-x 41 martin martin 4096 feb 26 09:37 ..
-rw-------  1 martin martin 1766 feb 25 16:31 id_rsa
-rw-r--r--  1 martin martin  409 feb 25 16:31 id_rsa.pub
-rw-r--r--  1 martin martin  540 feb 26 09:46 known_hosts
Martin
  • 226
  • 1
  • 2
  • 7
  • 1
    If your key is `id_rsa`, it **is** being offered; see "*debug1: Offering RSA public key: /home/martin/.ssh/id_rsa*". – MadHatter Feb 26 '16 at 13:47
  • 1
    Then the output is confusing. `id_rsa` is my private key, while the output says it's public. Anyway, why isn't it working? – Martin Feb 26 '16 at 13:48
  • 1
    Not very confusing, no. And we can't tell why it's not working from the information presented here. As drookie says, you'll need to check the logs on the **server** side; the client is not told why a key is refused, because that would violate security. – MadHatter Feb 26 '16 at 13:50
  • 1
    If you call the private key file "public", then yes, it is confusing. Especially when it later lists the other files as "private keys". – Martin Feb 26 '16 at 13:51
  • @Martin, can it be that you have copied the wrong key to the remote server or file permission is wrong? Check it again and make sure you have copied the public key to the remote server, in authorized_keys file, and file permission and ownership are correct. – Diamond Feb 26 '16 at 14:02
  • 3
    Those of us who are used to dealing with openssh are used to its little idiosyncracies. In any case, this question is founded on a mistake; you may wish to accept drookie's answer and move onto investigating *why* the remote server won't honour your keypair. That is a good question - and there are a number like it on SF already - but it isn't *this* question. – MadHatter Feb 26 '16 at 14:09
  • 2
    I'm voting to close this question as off-topic because the question is based on the incorrect assumption that the client is not trying to use the key. – kasperd Feb 26 '16 at 14:59
  • Close it if you want to, as long as it's not deleted. Given that the output is misleading, there are probably more people who'll make the same assumption I made. – Martin Feb 26 '16 at 17:45
  • @Martin fair enough, but you should have the gumption to accept drookie's correct answer: that your assumption was wrong. – MadHatter Feb 26 '16 at 17:53

1 Answers1

3

Your ssh client is definitely presenting your RSA key to the remote ssh:

debug1: Offering RSA public key: /home/martin/.ssh/id_rsa
debug1: Authentications that can continue: publickey

But for some reason the remote server declines it. The reason can be determining by reviewing it's logs, regardless of what you think about it.

drookie
  • 8,625
  • 1
  • 19
  • 29
  • Thanks for the answer. As I said in my previous comment, the output is definitely confusing. `id_rsa` is my private key; my public key is `id_rsa.pub`. – Martin Feb 26 '16 at 13:51
  • 1
    These are two parts of one key: one is used for encryption, and one for decryption. Private part is never presented to anyone: it is kept safe. So you simply are misinterpreting the output. – drookie Feb 26 '16 at 13:54
  • 11
    Yes, but they're stored in different files. The output should point to `id_rsa.pub.` – Martin Feb 26 '16 at 14:01