ssh localhost: Permission denied (publickey) Ubuntu on WSL2

Question

I'm having trouble "sshing" to localhost and getting a permission denied. I have tried everything from root or using sudo as well.

Ran the following:

ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
cat /root/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
chmod 0600 ~/.ssh/authorized_keys
ssh localhost

As the root user I have also done the following in case I use either user and the directories get mixed up:

cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
cat /home/shervleradvm/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys

First time was because the service was not running. So I did sudo service ssh start
I have also disabled the ufw for the test. sudo ufw disable
read/write permissions on the key files are

drwx------ 2 shervleradvm shervleradvm 4096 Nov 21 23:15 .
drwxr-xr-x 6 shervleradvm shervleradvm 4096 Nov 21 23:25 ..
-rw-r----- 1 shervleradvm shervleradvm 1146 Nov 21 23:23 authorized_keys
-r-------- 1 root         shervleradvm 2610 Nov 18 13:17 id_rsa
-r-------- 1 shervleradvm shervleradvm  577 Nov 18 13:17 id_rsa.pub
-rw-r--r-- 1 shervleradvm shervleradvm  444 Nov 18 15:05 known_hosts

sshd_config file was missing the following so I added and tested each and combinations of:

AllowUsers: added shervleradvm
AuthorizedKeysFile: added ~/.ssh/authorized_keys /root/.ssh/authorized_keys

I then changed my config file a little after reading Please explain the complete steps involved in the installation of OpenSSH server on Ubuntu so now it looks like:

#       $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $
This is the sshd server system-wide configuration file.  See
sshd_config(5) for more information.
This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
The strategy used for options in the default sshd_config shipped with
OpenSSH is to specify options with their default value where
possible, but leave them commented.  Uncommented options override the
default value.
Include /etc/ssh/sshd_config.d/*.conf
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key
Ciphers and keying
#RekeyLimit default none
Logging
#SyslogFacility AUTH
########################################## EDITED
LogLevel VERBOSE
##################################################
Authentication:
############################################################## NEW STUFF ############
AllowUsers shervleradvm root 
#####################################################################################
#LoginGraceTime 2m
########################################### EDITED
PermitRootLogin yes
##################################################
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
PubkeyAuthentication yes
Expect .ssh/authorized_keys2 to be disregarded by default in future.
########################################################################### EDITED
AuthorizedKeysFile      ~/.ssh/authorized_keys /root/.ssh/authorized_keys
#AuthorizedPrincipalsFile none
#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody
For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#HostbasedAuthentication no
Change to yes if you don't trust ~/.ssh/known_hosts for
HostbasedAuthentication
#IgnoreUserKnownHosts no
Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
To disable tunneled clear text passwords, change to no here!
PasswordAuthentication no
#PermitEmptyPasswords no
Change to yes to enable challenge-response passwords (beware issues with
some PAM modules and threads)
ChallengeResponseAuthentication no
Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange no
Set this to 'yes' to enable PAM authentication, account processing,
and session processing. If this is enabled, PAM authentication will
be allowed through the ChallengeResponseAuthentication and
PasswordAuthentication.  Depending on your PAM configuration,
PAM authentication via ChallengeResponseAuthentication may bypass
the setting of "PermitRootLogin without-password".
If you just want the PAM account and session checks to run without
PAM authentication, then enable this but set PasswordAuthentication
and ChallengeResponseAuthentication to 'no'.
UsePAM yes
#AllowAgentForwarding yes
############################################ EDITED
AllowTcpForwarding no
####################################################
#GatewayPorts no
############################################ EDITED
X11Forwarding no
####################################################
#X11DisplayOffset 10
#X11UseLocalhost yes
#PermitTTY yes
PrintMotd no
#PrintLastLog yes
#TCPKeepAlive yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS no
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none
no default banner path
########################################## EDITED
Banner /etc/issue.net
#####################################################
Allow client to pass locale environment variables
AcceptEnv LANG LC_*
override default of no subsystems
Subsystem       sftp    /usr/lib/openssh/sftp-server
Example of overriding settings on a per-user basis
#Match User anoncvs
X11Forwarding no
AllowTcpForwarding no
PermitTTY no
ForceCommand cvs server

I'm not sure what else I can try I've been stuck on this for days and I have read all the other questions regarding ssh.

The verbose output is:

OpenSSH_8.2p1 Ubuntu-4ubuntu0.1, OpenSSL 1.1.1f  31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/shervleradvm/.ssh/id_rsa type 0
debug1: identity file /home/shervleradvm/.ssh/id_rsa-cert type -1
debug1: identity file /home/shervleradvm/.ssh/id_dsa type -1
debug1: identity file /home/shervleradvm/.ssh/id_dsa-cert type -1
debug1: identity file /home/shervleradvm/.ssh/id_ecdsa type -1
debug1: identity file /home/shervleradvm/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/shervleradvm/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/shervleradvm/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/shervleradvm/.ssh/id_ed25519 type -1
debug1: identity file /home/shervleradvm/.ssh/id_ed25519-cert type -1
debug1: identity file /home/shervleradvm/.ssh/id_ed25519_sk type -1
debug1: identity file /home/shervleradvm/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/shervleradvm/.ssh/id_xmss type -1
debug1: identity file /home/shervleradvm/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2p1 Ubuntu-4ubuntu0.1
debug1: match: OpenSSH_8.2p1 Ubuntu-4ubuntu0.1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to localhost:22 as 'shervleradvm'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:RhXPmgq8gMMrSRv7+VlpLb84pRnXi2vDiqdg0EfocK0
debug1: Host 'localhost' is known and matches the ECDSA host key.
debug1: Found key in /home/shervleradvm/.ssh/known_hosts:1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /home/shervleradvm/.ssh/id_rsa RSA SHA256:WfkneDotRaioAvWLHi+4L0CpHg+EZ8cWMPPGbx/jUXQ
debug1: Will attempt key: /home/shervleradvm/.ssh/id_dsa
debug1: Will attempt key: /home/shervleradvm/.ssh/id_ecdsa
debug1: Will attempt key: /home/shervleradvm/.ssh/id_ecdsa_sk
debug1: Will attempt key: /home/shervleradvm/.ssh/id_ed25519
debug1: Will attempt key: /home/shervleradvm/.ssh/id_ed25519_sk
debug1: Will attempt key: /home/shervleradvm/.ssh/id_xmss
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com>
debug1: SSH2_MSG_SERVICE_ACCEPT received
***************************************************************************
                         SOME BANNER I HAVE PUT
This computer system is the private property of its owner, whether
individual, corporate or government.  It is for authorized use only.
Users (authorized or unauthorized) have no explicit or implicit
expectation of privacy.
Any or all uses of this system and all files on this system may be
intercepted, monitored, recorded, copied, audited, inspected, and
disclosed to your employer, to authorized site, government, and law
enforcement personnel, as well as authorized officials of government
agencies, both domestic and foreign.
By using this system, the user consents to such interception, monitoring,
recording, copying, auditing, inspection, and disclosure at the
discretion of such personnel or officials.  Unauthorized or improper use
of this system may result in civil and criminal penalties and
administrative or disciplinary action, as appropriate. By continuing to
use this system you indicate your awareness of and consent to these terms
and conditions of use. LOG OFF IMMEDIATELY if you do not agree to the
conditions stated in this warning.
****************************************************************************
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/shervleradvm/.ssh/id_rsa RSA SHA256:WfkneDotRaioAvWLHi+4L0CpHg+EZ8cWMPPGbx/jUXQ
debug1: Authentications that can continue: publickey
debug1: Trying private key: /home/shervleradvm/.ssh/id_dsa
debug1: Trying private key: /home/shervleradvm/.ssh/id_ecdsa
debug1: Trying private key: /home/shervleradvm/.ssh/id_ecdsa_sk
debug1: Trying private key: /home/shervleradvm/.ssh/id_ed25519
debug1: Trying private key: /home/shervleradvm/.ssh/id_ed25519_sk
debug1: Trying private key: /home/shervleradvm/.ssh/id_xmss
debug1: No more authentication methods to try.
shervleradvm@localhost: Permission denied (publickey).

UPDATE 1: the syslog in /var/log/syslog only says:

Nov 20 01:05:54 ShervLeRad kernel: [35460.503034] WSL2: Performing memory compaction.
Nov 20 01:06:55 ShervLeRad kernel: [35521.519400] WSL2: Performing memory compaction.
Nov 20 01:07:56 ShervLeRad kernel: [35582.535366] WSL2: Performing memory compaction.
Nov 20 01:08:57 ShervLeRad kernel: [35643.552061] WSL2: Performing memory compaction.
Nov 20 01:09:58 ShervLeRad kernel: [35704.567029] WSL2: Performing memory compaction.
Nov 20 01:10:59 ShervLeRad kernel: [35765.582427] WSL2: Performing memory compaction.
Nov 20 01:12:00 ShervLeRad kernel: [35826.597374] WSL2: Performing memory compaction.

the auth.log in /var/log/auth.log says:

Nov 19 18:48:34 ShervLeRad sudo: shervleradvm : TTY=pts/0 ; PWD=/etc/ssh ; USER=root ; COMMAND=/usr/bin/ssh localhost
Nov 19 18:48:34 ShervLeRad sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
Nov 19 18:48:34 ShervLeRad sshd[7026]: Connection closed by authenticating user root 127.0.0.1 port 39490 [preauth]
Nov 19 18:48:34 ShervLeRad sudo: pam_unix(sudo:session): session closed for user root
Nov 19 18:48:37 ShervLeRad sudo: shervleradvm : TTY=pts/0 ; PWD=/etc/ssh ; USER=root ; COMMAND=/usr/bin/vim sshd_config
Nov 19 18:48:37 ShervLeRad sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
Nov 19 18:48:51 ShervLeRad sudo: pam_unix(sudo:session): session closed for user root

UPDATE 2: I ran ssh with -vvv and the output is:

OpenSSH_8.2p1 Ubuntu-4ubuntu0.1, OpenSSL 1.1.1f  31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolving "localhost" port 22
debug2: ssh_connect_direct
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/shervleradvm/.ssh/id_rsa type 0
debug1: identity file /home/shervleradvm/.ssh/id_rsa-cert type -1
debug1: identity file /home/shervleradvm/.ssh/id_dsa type -1
debug1: identity file /home/shervleradvm/.ssh/id_dsa-cert type -1
debug1: identity file /home/shervleradvm/.ssh/id_ecdsa type -1
debug1: identity file /home/shervleradvm/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/shervleradvm/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/shervleradvm/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/shervleradvm/.ssh/id_ed25519 type -1
debug1: identity file /home/shervleradvm/.ssh/id_ed25519-cert type -1
debug1: identity file /home/shervleradvm/.ssh/id_ed25519_sk type -1
debug1: identity file /home/shervleradvm/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/shervleradvm/.ssh/id_xmss type -1
debug1: identity file /home/shervleradvm/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2p1 Ubuntu-4ubuntu0.1
debug1: match: OpenSSH_8.2p1 Ubuntu-4ubuntu0.1 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to localhost:22 as 'shervleradvm'
debug3: hostkeys_foreach: reading file "/home/shervleradvm/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /home/shervleradvm/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from localhost
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,ssh-ed25519,sk-ssh-ed25519@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:RhXPmgq8gMMrSRv7+VlpLb84pRnXi2vDiqdg0EfocK0
debug3: hostkeys_foreach: reading file "/home/shervleradvm/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /home/shervleradvm/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from localhost
debug1: Host 'localhost' is known and matches the ECDSA host key.
debug1: Found key in /home/shervleradvm/.ssh/known_hosts:1
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /home/shervleradvm/.ssh/id_rsa RSA SHA256:WfkneDotRaioAvWLHi+4L0CpHg+EZ8cWMPPGbx/jUXQ
debug1: Will attempt key: /home/shervleradvm/.ssh/id_dsa
debug1: Will attempt key: /home/shervleradvm/.ssh/id_ecdsa
debug1: Will attempt key: /home/shervleradvm/.ssh/id_ecdsa_sk
debug1: Will attempt key: /home/shervleradvm/.ssh/id_ed25519
debug1: Will attempt key: /home/shervleradvm/.ssh/id_ed25519_sk
debug1: Will attempt key: /home/shervleradvm/.ssh/id_xmss
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 53
debug3: input_userauth_banner
***************************************************************************
                            NOTICE TO USERS
This computer system is the private property of its owner, whether
individual, corporate or government.  It is for authorized use only.
Users (authorized or unauthorized) have no explicit or implicit
expectation of privacy.
Any or all uses of this system and all files on this system may be
intercepted, monitored, recorded, copied, audited, inspected, and
disclosed to your employer, to authorized site, government, and law
enforcement personnel, as well as authorized officials of government
agencies, both domestic and foreign.
By using this system, the user consents to such interception, monitoring,
recording, copying, auditing, inspection, and disclosure at the
discretion of such personnel or officials.  Unauthorized or improper use
of this system may result in civil and criminal penalties and
administrative or disciplinary action, as appropriate. By continuing to
use this system you indicate your awareness of and consent to these terms
and conditions of use. LOG OFF IMMEDIATELY if you do not agree to the
conditions stated in this warning.
****************************************************************************
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/shervleradvm/.ssh/id_rsa RSA SHA256:WfkneDotRaioAvWLHi+4L0CpHg+EZ8cWMPPGbx/jUXQ
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug1: Trying private key: /home/shervleradvm/.ssh/id_dsa
debug3: no such identity: /home/shervleradvm/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /home/shervleradvm/.ssh/id_ecdsa
debug3: no such identity: /home/shervleradvm/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /home/shervleradvm/.ssh/id_ecdsa_sk
debug3: no such identity: /home/shervleradvm/.ssh/id_ecdsa_sk: No such file or directory
debug1: Trying private key: /home/shervleradvm/.ssh/id_ed25519
debug3: no such identity: /home/shervleradvm/.ssh/id_ed25519: No such file or directory
debug1: Trying private key: /home/shervleradvm/.ssh/id_ed25519_sk
debug3: no such identity: /home/shervleradvm/.ssh/id_ed25519_sk: No such file or directory
debug1: Trying private key: /home/shervleradvm/.ssh/id_xmss
debug3: no such identity: /home/shervleradvm/.ssh/id_xmss: No such file or directory
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
shervleradvm@localhost: Permission denied (publickey).

UPDATE 3:

I just tried ssh -i id_rsa localhost from ~/.ssh dir of shervleradvm user to try defining private_key to use. That didn't work. So I did touch config && vim config then I defined the private key for the localhost:

Host localhost
        HostName localhost
        User shervleradvm
        IdentityFile ~/.ssh/id_rsa

and then ran ssh localhost. The error presists.

UPDATE 4: I changed the owner of the private key to shervleradvm and gave the following permissions:

-rw------- 1 shervleradvm shervleradvm 2610 Nov 18 13:17 id_rsa
-r-------- 1 shervleradvm shervleradvm  577 Nov 18 13:17 id_rsa.pub

didn't help.

I have the same problem. I've tried everything but I always get "Permission denied (publickey)". However I was able to connect with password after changed PasswordAuthentication to on in sshd_config and connecting like ssh wslusername@yourwslhost. Have you found the solution for the public key problem meanwhile? — szegheo, Nov 27 '20 at 16:37

score 5 · Accepted Answer · answered Nov 28 '20 at 07:59

I spent a day googling on this and finally got it working.

Quoted from your -vvv log:

debug1: Offering public key: /home/shervleradvm/.ssh/id_rsa RSA SHA256:WfkneDotRaioAvWLHi+4L0CpHg+EZ8cWMPPGbx/jUXQ debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 51

This shows that your public key is sent but the "receive packet: type 51" means permission issues on the server side (WSL in your case) when strict mode is enabled in your sshd_config.

Inside WSL in your home folder set the permission very carefully:

Owner and group should be set to your user on the ~/.ssh and its files.
The folder ~/.ssh should set to 700 / drwx------
The file authorized_keys should set to 711 / -rwx--x--x
The files *.pub should set to 644 / -rw-r--r--
All other files should set to 600 / -rw-------

Outside WSL in your home folder's .ssh directory the config file should look like this :

Host localhost
  HostName localhost
  User shervleradvm
  PubkeyAuthentication yes

The param IdentityFile ~/.ssh/id_rsa is not necessary.

Also, the server's user's home directory must be owned by that user. — ki9, Sep 25 '21 at 00:54
Very useful. Many tutorials on how to use ssh on WSL do not consider changing owner and permission (in this detail at least). — Younes El Ouarti, Oct 28 '23 at 07:45

score 0 · Answer 2 · answered Nov 22 '20 at 14:49

0

-r-------- 1 root         shervleradvm 2610 Nov 18 13:17 id_rsa

It's owned by root and only readable by root.

Run

sudo chown shervleradvm ~/.ssh/id_rsa && chmod 600 ~/.ssh/id_rsa

answered Nov 22 '20 at 14:49

vidarlo

22,691

I tried using root user as well so if its that then the root should not have a problem right? – Shervin Rad Nov 22 '20 at 15:03
Root has a seperate home directory. The permissions are wrong for your user according to your question. – vidarlo Nov 22 '20 at 15:06
I did that but still get the same error :( – Shervin Rad Nov 22 '20 at 15:18
Do you see anything in the server logs? – vidarlo Nov 22 '20 at 16:16
I updated the post with the logs; are these the logs that are of interest? – Shervin Rad Nov 23 '20 at 13:12
Does the ~/.ssh directory have permissions 700? – Bengt Olsson Nov 23 '20 at 21:00
yup, drwx------ 2 shervleradvm shervleradvm 4096 Nov 25 14:28 .ssh – Shervin Rad Nov 27 '20 at 19:49

ssh localhost: Permission denied (publickey) Ubuntu on WSL2

This is the sshd server system-wide configuration file. See

sshd_config(5) for more information.

This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

The strategy used for options in the default sshd_config shipped with

OpenSSH is to specify options with their default value where

possible, but leave them commented. Uncommented options override the

default value.

Ciphers and keying

Logging

Authentication:

Expect .ssh/authorized_keys2 to be disregarded by default in future.

For this to work you will also need host keys in /etc/ssh/ssh_known_hosts

Change to yes if you don't trust ~/.ssh/known_hosts for

HostbasedAuthentication

Don't read the user's ~/.rhosts and ~/.shosts files

To disable tunneled clear text passwords, change to no here!

Change to yes to enable challenge-response passwords (beware issues with

some PAM modules and threads)

Kerberos options

GSSAPI options

Set this to 'yes' to enable PAM authentication, account processing,

and session processing. If this is enabled, PAM authentication will

be allowed through the ChallengeResponseAuthentication and

PasswordAuthentication. Depending on your PAM configuration,

PAM authentication via ChallengeResponseAuthentication may bypass

the setting of "PermitRootLogin without-password".

If you just want the PAM account and session checks to run without

PAM authentication, then enable this but set PasswordAuthentication

and ChallengeResponseAuthentication to 'no'.

no default banner path

Allow client to pass locale environment variables

override default of no subsystems

Example of overriding settings on a per-user basis

X11Forwarding no

AllowTcpForwarding no

PermitTTY no

ForceCommand cvs server

2 Answers2