{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 劳资没心,怎么记你 的问题《Adding public key to ~/.ssh/authorized_keys does n》','https://www.manongdao.com/q-103683.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I added the public ssh key to the authorized_keys file. ssh localhost should log me in without asking for the password.
I did that and tried typing ssh localhost, but it still asks me to type in the password. Is there any other setting that I have to go through to make it work?
I have followed instruction for changing permissions:
Below is the result if I do ssh -v localhost
debug1: Reading configuration data /home/john/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/john/.ssh/identity type 1
debug1: identity file /home/john/.ssh/id_rsa type -1
debug1: identity file /home/john/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.7p1 Debian-8ubuntu3
debug1: match: OpenSSH_4.7p1 Debian-8ubuntu3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'localhost' is known and matches the RSA host key.
debug1: Found key in /home/john/.ssh/known_hosts:12
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: /home/john/.ssh/identity
debug1: Server accepts key: pkalg ssh-rsa blen 149
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Then it asks for passphase after the above log. Why isn't it logging me in without a password?
Make sure you've copied the whole public key to
authorized_keys; thessh rsaprefix is necessary for the key to work.Listing a public key in .ssh/authorized_keys is necessary but not sufficient for sshd (server) to accept it. If your private key is passphrase-protected, you'll need to give ssh (client) the passphrase every time. Or you can use ssh-agent, or a gnome equivalent.
Your UPDATE'd trace is consistent with a passphrase-protected private key. See ssh-agent, or ssh-keygen -p.
Look at
/var/log/auth.logon the server forsshdauth errors.If all else fails, then run the
sshdserver in debug mode:Then connect from the the client:
In my case I found the error section at the end:
With this info I realized that my
sshd_configwas restricting logins to members of thesshgroup. The following command fixed this permission error:I had this problem and none of the other answers solved it, although of course the other answers are correct.
In my case, turned out that the
/rootdirectory itself (not e.g./root/.ssh) had the wrong permissions. I needed:Of course, those permissions should be something like that (maybe
chmod 770) regardless. However, it specifically preventedsshdfrom working, even though/root/.sshand/root/.ssh/authorized_keysboth had correct permissions and owners.SELinux can also cause authorized_keys not to work. Especially for root in CentOS 6 and 7. No need to disable it though. Once you've verified your permissions are correct, you can fix this like so:
The thing that did the trick for me finally was to make sure that the owner/group were not root but user: