The Secure Shell provides an authenticated way to create a connection between remote and local servers. There are several ways to connect to other servers using SSH, while the public key connection is the easiest way to connect to a specific server automatically. The public key of another server is saved in the local system to avoid entering a password every time the user connects to that server.
While trying to connect via SSH public key, we may encounter the SSH permission denied public key error. This article will cover the SSH denied public key possible reasons and solutions using these topics:
- How to Fix SSH Permission Denied PublicKey?
- Cause: SSH Public Key is not Authenticated
- Method 1: Enable Password Authentication
- Method 2: Provide Correct Permissions to SSH Directory and Authorized key
- Method 3: Configure File System Permissions
How to Fix SSH Permission Denied Public Key?
This section will explain the reason and three solutions to fix this error.
Cause: SSH Public Key is not Authenticated
The SSH public key is used for logging in to other servers without entering the password at each login. The SSH permission denied public key error occurs when the public key is not authenticated on both servers. This error can occur when the local and remote server public keys are matched or authenticated and the SSH configuration file permissions are not set.
Method 1: Enable Password Authentication
When the remote server’s public key is not enabled in your system, the SSH permission denied error occurs. To remove this error, follow these steps:
- Open the SSHD configuration file with the below command:
$ sudo nano /etc/ssh/sshd_config
- Move to the “PaawordAuthentication” line and make it yes:
PasswordAuthentication yes
Press Ctrl + O for saving and Ctrl + X for exiting the editor.
- Save the changes by restarting the sshd service:
$ sudo systemctl restart sshd
- Connect to the remote server using its username and IP address to verify that the error is removed:
$ ssh theo@192.168.141.132
The output shows that the SSH permission denied public key error is removed and connected successfully to the server via SSH.
Method 2: Provide Correct Permissions to SSH Directory and Authorized Keys
If the public key is saved to the SSH authorized keys file, you don’t need a public key to log in to the remote server. But if the SSH and authorized keys file do not have the correct permissions, the SSH permission denied public key error could occur.
To solve this error, provide these permissions as given in the below steps:
- Provide read, execute and write permissions to the user for the SSH file using the following command:
$ sudo chmod 700 ~/.ssh
- Provide read and write permissions to the user for the SSH authorized keys file with the below command:
$ sudo chmod 600 ~/.ssh/authorized_keys
- The correct permissions are provided, now connect to the desired SSH server by using its IP address and username:
$ ssh theo@192.168.141.132
The servers are successfully connected via SSH, and the SSH permission denied public key error is removed.
Method 3: Configure File System Permissions
We can remove the permitted root login for the system and enable the public key authentication to remove the SSH-denied public key error. For that, follow these steps:
- The configuration file for the SSHD can be opened using the below-stated command:
$ sudo nano /etc/ssh/sshd_config
- Navigate to “PermitRootLogin” to make it “no” and enable the “PublicKeyAuthentication” by making it “yes” as shown below:
PermitRootLogin no PublicKeyAuthentication yes
- Enable the Plugin Authentication Module PAM by setting the UsePAM as yes:
UsePAM yes
Press Ctrl + O for saving and Ctrl + X for exiting the editor.
- Restart the SSHD service to save the changes with the below command:
$ sudo systemctl restart sshd
- Now connect to the desired SSH server by using its IP address:
$ ssh theo@192.168.141.132
The servers are successfully connected via SSH, and the SSH denied public key error is fixed.
Conclusion
The SSH permission denied public key error can be fixed by enabling password authentication, providing correct permissions to SSH, and authorizing key files. Moreover, this error can be removed by configuring the SSHD configuration file, as discussed in this article.