Permission denied (publickey).

Whenever I tried to ssh from one of my Google Cloud VMs to another, I got an error message. SSH asks me if I want to continue connecting, and when I say "yes", I get:

Permission denied (publickey).

If I just type enter (fingerprint), I get

Host key verification failed.
Solution for both issues:
# ssh -o "StrictHostKeyChecking no" thorsten@linuxintro.org
A question that remains open with me is why I did not have to do it earlier. Earlier, the host keys were automatically added to the known_hosts file.

Now I get the next error:
# ssh thorsten@linuxintro.org
thorsten@linuxintro.org: Permission denied (publickey).

To resolve this error, I need a private/public ssh key pair on my laptop.
If you don't have a public key, create it using the command

ssh-keygen
Type ENTER for every question from ssh-keygen. Then you will find your public key file in your home directory under .ssh/id_rsa.pub. Find out how it looks, here is mine:

# cat .ssh/id_rsa.pub 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDa5um7k0qOD8xC+I+4EWJR1NAG7GBT3ho5IIouOo3fVSXteApdmTfoX0qfdezR1/+pxAvK1fqoIHNVI1IWDEiqFnVBB1skkh/B5M/BvBECmtPZPbXTtJbwgNJ6Uq8VT0DH0FiOtpO+Qn40rEjDXRmrtKQZcuzF0WrboAuUld+L7Ma374o6hZiiSRztTEfIPCUaWdRzGyk/zBLYLf8TPIxk0/Qor/G+Gqf5ulW+FHn4veDoythdJRa0pQoBJzWzDWNuCRPgNk0wrOElivaGNDIesSAYnhLZvwzWNJlHlh3jeAEmi5Y5AhLo5f/sS7eaI28xaJ2Uym4FG/yC0VjgTcmpGB27YL/6bogsHu3OWyqcW0F+2rBv3lcDXTI8kFSgc+724RbFLuhuxbfrcs/t9TL4eTBsx4YcI15BMrMcX8hIw8LTIwzGIWtBwE0HrBmaZtPfXcDm5p+gI1899n2oRauBFBjlZ35Q5YJQpVRDDcEqSns54FEZ+HlLXWyUkPMRf6c= thorsten@tweedleburg

I copy the content to the clipboard and surf to console.cloud.google.com -> VM Instances. Then I click on my VM -> edit and set os_login to false:

Then I scroll to "SSH Keys" and add the ssh key:

and click on "Save". Then I test it again and it works:
thorsten@tweedleburg:~/.ssh$ ssh thorsten@linuxintro.org
Linux instance-2 4.19.0-23-cloud-amd64 #1 SMP Debian 4.19.269-1 (2022-12-20) x86_64

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Mon May  1 08:26:32 2023 from 77.179.28.99
thorsten@linuxintro:~$ 

TroubleShooting

If you run into issues, it will mostly be one of the two error messages above to my experience. It is important to make sure enable_oslogin is set to false. Please leave me a comment if it does not work for you.
Keep your fingers away from .ssh/authorized_keys, this will be managed from the data input into the Cloud Console.

Further thought recommendations

  • You can now trigger remote command executions using the ssh command, for example here you see the VM's uptime on your laptop:
# ssh thorsten@linuxintro.org uptime
 08:55:16 up 89 days, 18:37,  0 users,  load average: 0.00, 0.04, 0.01
  • You can now copy files to your VM using the command scp, e.g.:
# scp /var/log/messages thorsten@linuxintro.org:
  • You can also set project-wide SSH keys in the Cloud Console. In the search bar, type Metadata and select compute engine metadata.
  • You can run graphical programs on the VM, being displayed on your laptop:
The xeyes command displays two eyes focusing on your
mouse cursor, so you can easier find it.
  • For Windows, you can do the same in putty or better MobaXTerm

Sources and references

Comments

Post a Comment

Popular posts from this blog

Set up a webcam with Linux

Image
You want to use your webcam with a Linux computer? Good, then this article is for you. If you have a notebook or a laptop with an integrated webcam, this will most probably work out of the box. If you have a USB webcam, connect it to your computer. Then, you  open a console (aka terminal)  and type  cheese The "cheese" application will start up and show your webcam's output like this: A capture from a webcam in the program Cheese If this works, congratulations, you can now use your webcam with video editors, conferencing software, and so on. But: cheese may not be installed the drivers (aka kernel modules) for the webcam may not work your Linux computer may not have a graphical user interface (or you may not want it) you may want to switch between several webcams Install Cheese If you do not have the software cheese installed, you can install it by means of your distribution.  Find out your Linux distribution , open a terminal and enter: for Debian, Raspbian, Ubuntu, Kubu
Read more

PuTTY: No supported authentication methods available

Image
Today I got again this error message when trying to connect PuTTY to my Google Cloud VM: “No supported authentication methods available”: This time I decided to write down exactly what I do to get rid of it. Here it is: call puttygen, generate a public/private key pair by clicking on "Generate" and moving the mouse a bit: copy the blue part to the clipboard using CTRL_C save the private key as private.ppk, the public one as key.pub. go to Google Cloud Console, search for Metadata, click on it: paste the ssh public key there, but make sure to replace the username with your username: click on metadata and set OSLogin to false: Now start putty, enter a session (I use linuxintro.org in the example screenshots ), click save: select connection -> SSH -> Auth, add the private key file for authentication, then click open: don't forget to go back in putty to the front page and save: Then click on open and see: it works :) TroubleShooting server refused our key : got this whe
Read more

My SAT>IP Server

Image
I bought a SAT>IP Server to bring my satellite TV into my WLAN. I want this because my satellite's connection is in another place in the room than my TV. First learning: You need a SAT>IP Server, not a SAT>IP Receiver. A SAT>IP Server receives signals from the LNB. A SAT>IP Receiver receives a connection from the SAT>IP Server and transforms it into an HDMI stream (for example). As SAT>IP Receiver you can also use the VLC software which will just display the video stream. When buying, make sure you buy a server. Second learning: The latest Kathrein EXIP 418  SAT>IP Server did not work with my setup. It needs a multi-switch between the LNB and the server. When buying, make sure you understand the setup. Mine looks like this: So I settled for a Telestar  TwinBit SAT>IP Server. Laptop To watch TV on my Windows Laptop, I download VLC and start it. Click View->Playlist. Point it to Universal Plug'n'Play, and wait 6 minutes, 47 seconds, and the ser
Read more