4

I am trying to set up a new ssh key for a gcloud instance. I followed the instructions here verbatim (https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys), generating a new key, putting the public rsa-ssh key with my username on the SSH Keys section of the Metadata tab in the Google Cloud Platform interface, and setting the appropriate permissions for my public and private keys with chmod.

I am getting an error which ends as follows, when attempting to ss using the -vvv verbose flag:

...

debug1: Next authentication method: publickey debug1: Offering RSA public key: /Users/erickofman/.ssh/salsadb debug3: send_pubkey_test debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 51 debug1: Authentications that can continue: publickey debug2: we did not send a packet, disable method debug1: No more authentication methods to try. Permission denied (publickey).

I have (with a co-worker) ensured that my public key is contained within the authorized_keys file in the server's .ssh folder. Thinking that perhaps something was just stale, I also tried restarting the ssh server using service sshd restart to no avail.

I also tried setting up ssh using the gcloud tool, same result.

I have the correct role/permissions for the site from what I can tell.

This is what the log looks like on the server side:

admin@awesome-website:~$ tail /var/log/auth.log Nov 15 20:40:16 awesome-website sshd[18846]: input_userauth_request: invalid user ekofman [preauth] Nov 15 20:40:17 awesome-website sshd[18846]: Connection closed by 10.100.100.10 port 90001 [preauth] Nov 15 20:41:17 awesome-website sshd[18848]: Connection closed by 200.200.20.20 port 90002 [preauth]

Been banging my head on this for a bit, any help much appreciated!

ekofman
  • 299
  • 3
  • 12
  • "Offering RSA public key: /Users/erickofman/.ssh/salsadb.pub" https://stackoverflow.com/a/29948797/13317 – Kenster Nov 15 '17 at 22:21
  • @Kenster My bad, I had pasted incorrect code -- I get the exact same error when using the private key, however, I've updated the post – ekofman Nov 16 '17 at 15:25
  • ```debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Offering RSA public key: /Users/erickofman/.ssh/salsadb debug3: send_pubkey_test debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 51 debug1: Authentications that can continue: publickey debug2: we did not send a packet, disable method debug1: No more authentication methods to try. Permission denied (publickey).``` – ekofman Nov 16 '17 at 15:26
  • Are there other users who are able to ssh in using keys? – user8675309 Nov 16 '17 at 17:14
  • Yes my coworker has been able to with a key had previously generated and added, but we walked through the same process together from scratch and now he cannot ssh in either with a new key. – ekofman Nov 16 '17 at 17:25
  • Just to make sure I understand: Your coworker can still log in using their previously-generated key, but not the newly-generated key which you're sure has been added to their authorized_keys file correctly? Or does their previously-generated key also not work now? – user8675309 Nov 16 '17 at 17:33

2 Answers2

15

Whelp, turns out that new ssh keys do not get incorporated unless a full instance restart is effected. Not ssh server restart, but a full instance restart (stop gcloud instance, then start gcloud instance). It doesn't say this in the documentation, good to know for future reference.

ekofman
  • 299
  • 3
  • 12
0

Per this make sure you're .ssh/authorized_keys in your user's directory.

You also want to ensure your .ssh directory and authorized_keys have the proper permissions set. (700 and 600 respectively).

sudo chmod 700 ~/.ssh
sudo chmod 600 ~/.ssh/authorized_keys
user8675309
  • 591
  • 1
  • 6
  • 24