Willie Wheeler
- Bio
- Website
- @williewheeler
-
Tried Everything and SSH with PKA Still Not Working?
- Tweet
-
Recommended Links
DevOps Deployment: Applying Agile and Lean
Deployment Automation: The Basics
Continuous Delivery: Learn From The Inventors!
Beyond the Buzzwords: Continuous Delivery & DevOps
Continuous Delivery: The Book!
Like this piece? Share it with your friends:
I recently ran into the situation in which I couldn’t get PKA to work when SSHing into my Ubuntu server. I checked the key pair (works fine SSHing into other servers), directory permissions, /etc/ssh/sshd_config, /var/log/auth.log, all that. Ran ssh -vvv but nothing obvious other than the server wasn’t accepting my PKA authentication. I’m not a systems guy, but I’ve set this up often enough that I couldn’t figure out for the life of me why it kept going for password authentication.
Finally found the answer: my home directory is encrypted. SSH can’t read the ~/.ssh/authorized_keys file until I log in, so it rejects the PKA auth and goes to password.
The solution is to place the authorized_keys file in an alternative location (e.g., /etc/ssh/<username>/authorized_keys), reconfigure sshd_config to use that location, set permissions, and restart the SSHD server. It’s here, under Troubleshooting.
Hope that helps somebody out. It was driving me bonkers.
(Note: Opinions expressed in this article and its replies are the opinions of their respective authors and not those of DZone, Inc.)
- DevOps
- encryption
- pka
- ssh
- ubuntu
- Linux