Permission denied (publickey) error right after generating the SSH keys

Question

I know this question might have been asked before But I still cannot really find the answer, and the answer in my case should be simple.

So what have I done is in my ECS server I created a new user and gave it sudo privilege by assigning it to the sudo group. Then I change some of the sshd_config parameter:

change port from 22 to another
PermitRootLogin from "yes" to "no"
PasswordAuthentication from "yes" to "no"

And then I generate SSH key by ssh-keygen -t rsa and copy it to the authorized_keys by ssh-copy-id user@ipAddress

and then I restart the server, ssh login to the server and get the Permission denied (publickey) error.

In the server /home/user/.ssh folder lies authorized_keys, id_rsa.pub and id_rsa three files. But in my local machine .ssh folder there is no key file.

So where is the problem?

It sounds like you generated the keypair on the server, instead of generating them on the local machine and copying just the public key to the server's keys file. — steeldriver, Apr 04 '17 at 08:34
I would suggest you to read also this answer, and maybe the beginning of this one. — pa4080, Apr 04 '17 at 09:09
@steeldriver I think so, if I download the key to my local machine would I get this issue sorted? — Frostless, Apr 04 '17 at 09:24

score 1 · Accepted Answer · edited Sep 16 '22 at 12:38

1

Detailed instructions how to connect to SSH server can be found here

From your question it is clear that you should do the following:

How To Create SSH Keys

SSH keys should be generated on the computer you wish to log in from. This is usually your local computer.

Enter the following into the command line:

ssh-keygen -t rsa

Press enter to accept the defaults. Your keys will be created at ~/.ssh/id_rsa.pub and ~/.ssh/id_rsa.

have the following files in the ~/.ssh directory in the client machine:

-rw------- 1 demo demo 1679 Sep  9 23:13 id_rsa
-rw-r--r-- 1 demo demo  396 Sep  9 23:13 id_rsa.pub

As you can see, the id_rsa file is readable and writable only to the owner. This is how it should be to keep it secret.

The id_rsa.pub file, however, can be shared and has permissions appropriate for this activity.

On the server side, you should have the public key (not the private key).

edited Sep 16 '22 at 12:38

M at

105

answered Apr 04 '17 at 08:35

Yaron

13,173

I think what happened was I generate the key pairs in the server instead of in my local machine...should I delete all the key pairs in the server if this is the case? I tried but I still get the error.. maybe I should delete the authorized key file? – Frostless Apr 04 '17 at 10:01
@jindsay - assuming that you still have access to thessh server - please create new keys on the client, using ssh-keygen, and make sure that both id_rsa files are in the client .ssh folder. afterwards copy the new id_rsa.pub file to the server. please review the link in my answer – Yaron Apr 04 '17 at 11:16

Permission denied (publickey) error right after generating the SSH keys

1 Answers1