-2

I can imagine this could be a little tricky to answer but hopefully someone might be able to help. I have searched around and couldn't find much on this specific question.

Basically, I'm renting a dedicated server running CentOS 7 and so just trying to configure security. It's been a couple of years since I used any SSH and even then it was basic but I'm fumbling my way through.

I open up the SSH connection with Putty logging in as the root user. Created a new user, given a password and added it to the wheel group.

Then I have created, on my local machine, a public key using ssh-keygen from git for windows.

I added a password to the key when it asked me, again for verification.

Then I transferred the key over to the new user on the server, ran chmod on it and then altered the SSH daemon to not allow root log in.

I reloaded the sshd and tried a new connection. It doesn't let me log in as root, and it does as the new user, and it seems to have the correct privileges.

The question is, how do I know, when logging on, that it is checking the key and do you have any idea why it isn't asking me for the password for the key?

Any info would be appreciated.

Basically, setting it up, I followed this initial guide : https://www.digitalocean.com/community/tutorials/initial-server-setup-with-centos-7

wsjlisseter
  • 99
  • 1
  • 1
  • 10

1 Answers1

0

Using ssh -v will give you more information about the negotiation and which keys it's finding and sending to the remote server.

I don't know about the passphrase sorry.

Jeremy Jones
  • 4,561
  • 3
  • 16
  • 26
  • Thanks for your quick response. Any idea how I could enable this -v option from putty as that's what I'm using to connect from a windows machine? – wsjlisseter Oct 14 '15 at 10:17
  • You can use a `-v` option in Windows Putty but it doesn't seem to do much as far as I can see. But, in Windows you could run Putty at the command line and include a `-i` option which forces it to use a particular identity file. That might avoid the uncertainty of which identity file or login method it's using. – Jeremy Jones Oct 14 '15 at 10:43
  • That's awesome, thanks. When running putty with -I user@ipaddress it comes back with Unable to use key file "user@ipaddress"(unable to open file). I'm guessing this means I've give it the wrong input, should this be the location of the key file? Even so, after this error, it just asks me to log in as and I enter the user and password and it lets me log in – wsjlisseter Oct 14 '15 at 11:00
  • Just as an update, when running putty with -i \locationofkey user@ipaddress it returns with unable to use key file "\locationofkey" (OpenSSH SSH-2 private key) Using username "user". The continues to ask me for the user's password and then after entering it, it logs me in still. – wsjlisseter Oct 14 '15 at 11:14
  • I don't think OpenSSH keys are Putty-compatible, at least from some Google searches. If you generate a key using PuTTYgen then that should work ok I think, or PuTTYgen can convert OpenSSH private key files into PuTTY's format. The SSH default is to 'fall back' to password authentication if keyfile authentication fails. In Linux you can disable that feature in your ssh options (PasswordAuthentication No) but I don't know of an equivalent setting for Windows/PuTTY. – Jeremy Jones Oct 14 '15 at 11:31