ssh
or similar applications use Public and Private Key mechanism in order to authenticate and authorize given users. We have all ready examined Key based authentication and authorization in previous tutorials. Permission denied(public key) error is generally occurs for can not reading Public and Private key properly to authenticate to remove server. In this tutorial we will learn general causes and solutions.
Troubleshooting
We will start with a simple troubleshooting. When we try to connect a server or a service with ssh
we can print detailed steps with verbose option. Verbose or debug option is expressed with -vv
. More v
‘s like -vvv
will provide more detailed about the steps.
$ ssh -vvv 192.168.153.185

Solution: Change SSH Key Permissions
One of the most probable cause is read permissions. If we do not have required permissions to read SSH public and private key we can get this error. Another variation is the public and private key pairs owner ship may be changed to another user. First we will give the read permission to the current owner user.
$ sudo chmod -R 600 .ssh

AND we will change the owner to the user ismail
in this case
$ sudo chown -R ismail:ismail .ssh
Solution:Specify SSH Private Key Explicitly
Another problem may be the keys can be located different than default PATH or directory. The ssh
or similar client may not be found the keys and use to for authentication and authorization. We can explicitly specify the Public and Private ssh keys with -i
option.
$ ssh -i .ssh/id_rsa 192.168.153.185

Solution:AuthorizedKeysFile Configuration
ssh server
configuration hold on local user home or in the /etc/ssh/sshd_config
. We can check the authorized key files location with AuthorizedKeysFile
like below.
AuthorizedKeysFile %h/.ssh/authorized_keys
Solution: Enable PasswordAuthentication
Another solution may be enabling Password based authentication. Key based authentication provides more secure way to authentication but may not suitable in some cases. We can enable password based authentication with PasswordAuthentication
option in /etc/ssh/sshd_config
file
PasswordAuthentication yes