SyntaxFix

[ssh] ssh : Permission denied (publickey,gssapi-with-mic)

Setting PasswordAuthentication to yes, is not the best way to go , is not as secure as using private and public keys for authentication !

First make sure that that you have the fallowing permissions set, on the server side.

First check your home dir (SERVER SIDE)

[vini@random ~]$ ls -ld ~

drwx------. 3 vini vini 127 Nov 23 15:29 /home/vini

if it is not like this, run

chmod 0700 /home/your_home

Now check .ssh folder 

[vini@random ~]$ ls -ld  /home/vini/.ssh/

drwx------. 2 vini vini 29 Nov 23 15:28 /home/vini/.ssh/

if it is not looking like this, run

chmod 0700 /home/your_home/.ssh

now make sure that authorized_keys looks like this

[vini@venon ~]$ ls -ld  /home/vini/.ssh/authorized_keys 

-rw-------. 1 vini vini 393 Nov 23 15:28 /home/vini/.ssh/authorized_keys

or just run 

chmod 0600 /home/your_home/.ssh/authorized_keys

After that go to /etc/ssh/sshd_config

For best security set 

PermitRootLogin no

PubkeyAuthentication yes

keep as yes for testing purposes 

PasswordAuthentication yes

Make sure that 

ChallengeResponseAuthentication no

Comment those lines for GSSAPI

# #GSSAPIAuthentication yes
# #GSSAPICleanupCredentials no

Make sure that is set to UsePAM yes

UsePAM yes

now restart sshd service

systemctl restart sshd

on the client side 

cd /home/your_home/.ssh

generate new keys; setting a password is optional but is a good idea

ssh-keygen -t rsa -b 2048

copy pub key to your server

ssh-copy-id -i id_rsa.pub user_name@server_ip 

start ssh agent 

eval $(ssh-agent)

ssh-add /home/user/.ssh/your_private_key

now your are good to go !

ssh user_name@server_ip

if everything works just fine

make a backup of your private key and then deny PasswordAuthentication

PasswordAuthentication no

Restart you server

now anyone trying to ssh into your server, without your keys should get

vini@random: Permission denied (publickey).

keep script kids away from your business, and good luck

Examples related to ssh

Starting ssh-agent on Windows 10 fails: "unable to start ssh-agent service, error :1058" How to solve "sign_and_send_pubkey: signing failed: agent refused operation"? key_load_public: invalid format ssh connection refused on Raspberry Pi Getting permission denied (public key) on gitlab Verify host key with pysftp Can't connect to Postgresql on port 5432 Checkout Jenkins Pipeline Git SCM with credentials? How to open remote files in sublime text 3 how to setup ssh keys for jenkins to publish via ssh

Examples related to centos

How to uninstall an older PHP version from centOS7 Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details pip install - locale.Error: unsupported locale setting ssh : Permission denied (publickey,gssapi-with-mic) How to change the MySQL root account password on CentOS7? Completely remove MariaDB or MySQL from CentOS 7 or RHEL 7 ffprobe or avprobe not found. Please install one How to check all versions of python installed on osx and centos Cannot find java. Please use the --jdkhome switch VirtualBox: mount.vboxsf: mounting failed with the error: No such device

Examples related to gitlab

GitLab remote: HTTP Basic: Access denied and fatal Authentication How can I switch to another branch in git? HTTP Basic: Access denied fatal: Authentication failed Getting permission denied (public key) on gitlab Delete commit on gitlab error: RPC failed; curl transfer closed with outstanding read data remaining ssh : Permission denied (publickey,gssapi-with-mic) Fix GitLab error: "you are not allowed to push code to protected branches on this project"? Change Default branch in gitlab How can I clone a private GitLab repository?