A reminder about SSH key pair access

I remember doing this (setting up SSH key pair access) like a ninja, without ServerFault or anything else. But these last years as Software Developer, have rusted the SysAdmin sword, let's say. I was getting crazy here, trying to understand what I was missing, and of course, it gotta be something silly. It's always something silly, and indeed it was. So, here's the first note of 2022, with high hopes on having better notes on this diary, discussing anything more interesting.


I generated my keypair...



I defined PubkeyAuthentication on the sshd daemon of the remote server...



But the access still fails...


That was really bugging me. It can't be Netfilter/IPTABLES, for the connection is established and under negotation. It can't be the user either, for my user exists on the remote server, so I don't need to pass the user while defining the remote IP address, and the PubkeyAuthentication is enabled.

But wait: did I added the pubkey of my user on the authorized_keys file of my user on the remote machine? (...)


And NOW, I can access the remote server..



Observe that the prompt has changed, now informing that a passphrase should be passed for the secret key. Without the authorized_keys defined on the remote server, the authentication was being negotiated via PasswordAuthentication option as yes, being a fallback authentication, which you should disable on your ssh server, for you don't want ssh access without recognized keys (protected by passwords, please).

Without that option, probably sshd daemon would complain about lack of authorized_keys file for my user.

May this note stay here as reminder, for who knows what the future holds...

Mastodon