Passwordless SSH not working – keys copied and permissions set

Willshaw Media asked:

I know this question has been asked, but I’m certain I’ve done what all the other answers suggest.

Machine A:

  • used keygen -t rsa to create id_rsa.pub in ~/.ssh/
  • copied Machine A’s id_rsa.pub to Machine B user’s home directory
  • Made the file permissions of id_rsa.pub 600

Machine B

  • added Machine A’s pub key to authorised_keys and authorised_keys2: cat ~/id_rsa.pub >> ~/.ssh/authorised_keys2
  • made the file permissions of id_rsa.pub 600

I’ve also ensured both the .ssh directories have the permission 700 on both machine A and B.

If I try to login to machine B from machine A, I get asked for the password, not the ssh pass phrase.

I’ve got the root users on both machines to talk to each other using password-less ssh, but I can’t get a normal user to do it.

Do the user names have to be the same on both sides? Or is there some setting else where I’ve missed.

Machine A is a Ubuntu 10.04 virtual machine running inside VirtualBox on a Windows 7 PC, Machine B is a dedicated Ubuntu 9.10 server

UPDATE : I’ve run ssh with the option -vvv, which provides many many lines of output, but this is the last few commands:

debug3: check_host_in_hostfile: filename /home/pete/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host '192.168.1.19' is known and matches the RSA host key.
debug1: Found key in /home/pete/.ssh/known_hosts:1
debug2: bits set: 504/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: Wrote 16 bytes for a total of 1015
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug3: Wrote 48 bytes for a total of 1063
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/pete/.ssh/identity ((nil))
debug2: key: /home/pete/.ssh/id_rsa (0x7ffe1baab9d0)
debug2: key: /home/pete/.ssh/id_dsa ((nil))
debug3: Wrote 64 bytes for a total of 1127
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,gssapi,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/pete/.ssh/identity
debug3: no such identity: /home/pete/.ssh/identity
debug1: Offering public key: /home/pete/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 368 bytes for a total of 1495
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/pete/.ssh/id_dsa
debug3: no such identity: /home/pete/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password

My answer:


Use ssh-copy-id to copy your keys; it will create any necessary files/directories and fix any broken permissions along the way.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.