I copied my SSH public key to a server using ssh-copy-id, but the server still ask for a password. I checked the permission on the files in the ssh folder and they are readable for user only. I also checked the sshd_config file and the PasswordAuthentication line ends with yes. I checked the authorized_keys file on the server and the key matches the key I have in my id_rsa.pub.
I run
ssh -i <path_to_key> <myusername@host> -vvv
and this is part of the error I got (StackExchange won't let me add all of it) -
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
.....
debug1: Connecting to <host> port 22.
debug1: Connection established.
debug1: identity file id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: match: OpenSSH_7.4 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to <host>:22 as <myusername>
debug3: hostkeys_foreach: reading file "/users/studs/bsc/2016/orelhaz/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /users/studs/bsc/2016/orelhaz/.ssh/known_hosts:119
debug3: load_hostkeys: loaded 1 keys from <host>
debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
.......
debug3: hostkeys_foreach: reading file "/users/studs/bsc/2016/orelhaz/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /users/studs/bsc/2016/orelhaz/.ssh/known_hosts:119
debug3: load_hostkeys: loaded 1 keys from <host>
debug3: hostkeys_foreach: reading file "/users/studs/bsc/2016/orelhaz/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /users/studs/bsc/2016/orelhaz/.ssh/known_hosts:119
debug3: load_hostkeys: loaded 1 keys from 132.72.44.112
debug1: Host <host> is known and matches the ECDSA host key.
debug1: Found key in /users/studs/bsc/2016/orelhaz/.ssh/known_hosts:119
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
......
debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup gssapi-keyex
debug3: remaining preferred: gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-keyex
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug2: we did not send a packet, disable method
...........
No Kerberos credentials available (default cache: KEYRING:persistent:8108)
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available (default cache: KEYRING:persistent:8108)
debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: id_rsa
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
Thanks.
ssh username@machineto the question. Also, does the config on the machine havePubkeyAuthentication yes?PubkeyAuthentication yes? If so, are you sure thatssh-copy-idactually worked?