Skip to Content

Why Key Authorization is not working?

Key Authorization is not working in a remote server through the gateway.

Even after setting up the remote server in gateway machine and appending the public key to /root/.ssh/authorized_keys, you're still prompted for a password when trying to log in, what might be the reason for this?

Go through the following Troubleshooting steps:

(1) Check whether the PubKeyAuthentication is enabled on the sshd conf of the remote server.

Append /modify the specified lines in the conf to grant the necessary permissions, and then restart the sshd service to ensure that the changes become effective.

root@ubuntu:~# echo "PermitRootLogin  yes\|PubkeyAuthentication  yes" >> /etc/ssh/sshd_config 

root@ubuntu:~# systemctl restart sshd

root@ubuntu:~# sshd -T | grep -i 'PermitRootLogin\|PubkeyAuthentication'

(2) Confirm that the remote server is added with the remote username "root".

(3) Reset the fingerprint of the remote Server.

(4) After resetting try to reset sshd and try to re-login to ezsh.

root@ubuntu:~# systemctl restart sshd

(5) Check the latest SSH logs for any errors.

If the remote server is Ubuntu --> root@ubuntu:~# tail -f /var/log/auth.log

If the remote server is CentOS --> root@ubuntu:~# tail -f /var/log/secure

(6) Run the following command to see which key types are enabled on the server.

root@ubuntu:~# sshd -T|grep -i key

pubkeyacceptedalgorithms [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],rsa-sha2-512,rsa-sha2-256

 (7) Add ssh-rsa to sshd conf in the remote server. 

In Ubuntu 22, ssh-rsa is disabled by default, so you need to enter it manually.

root@ubuntu:~# echo "PubkeyAcceptedKeyTypes ssh-rsa" >> /etc/ssh/sshd_config

(8) Re-run the below command and confirm that ssh-rsa has been enabled.

root@ubuntu:~# sshd -T | grep -i key

pubkeyacceptedalgorithms [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],rsa-sha2-512,rsa-sha2-256,ssh-rsa

Related Articles:

Add ssh pubkey for passwordless authentication in ssh

Authentication by ssh key failed

Error log file and config file to troubleshoot