In this article we will learn how to fix SSH failed permission denied(publickey) in Ubuntu. We will also cover how to troubleshoot SSH and resolving Permission Denied Issues.
Introduction:
SSH (Secure Shell) is a widely used protocol for secure communication over networks, particularly in remote server administration. However, encountering a "Permission Denied" error can be frustrating for users attempting to establish an SSH connection.
This article aims to guide you through the troubleshooting process and provide solutions to fix SSH failed permission denied issues. Sometimes you may repeat the process from the beginning. In this case you can use guide to setup new SSH key like: Setting up an SSH key
1. Check User Permissions
One of the most common causes of SSH permission denied errors is incorrect user permissions. Ensure that the user attempting to connect has the appropriate permissions for accessing the Ubuntu server.
Verify that the user has the correct privileges in the server's authorized_keys file:
In home directory run the following command:
chown -R your_user:your_user .ssh
then you need to run
chmod 700 .ssh
chmod 600 .ssh/authorized_keys
or you can run the same command from different folder:
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
2. Key Pair Configuration
Confirm that you are using the correct key pair for authentication. If you are using key-based authentication, make sure the public key is correctly added to the server's authorized_keys file.
Verify that the private key is accessible and has the right permissions on the client side.
chmod 600 ~/.ssh/id_rsa
3. SELinux and AppArmor
If your server has:
- SELinux
- AppArmor
enabled, these security modules may prevent SSH connections.
Examine the logs and adjust the security policies accordingly. You can temporarily disable SELinux or AppArmor for testing purposes:
setenforce 0 # For SELinux
Check the resource section for more information and why this might be not the best solution.
4. Password Authentication
Ensure that password authentication is allowed on the server. In the server's sshd_config file
sudo nano /etc/ssh/sshd_config
make sure the following lines are uncommented and set as:
PermitRootLogin no
PubkeyAuthentication yes
Restart the service:
sudo systemctl restart sshd
5. Check Authentication Logs
Examine the authentication logs on the server for more detailed information about the permission denied error.
Common log locations include
/var/log/auth.log- Debian-based systems/var/log/secure- Red Hat
Example examination via:
tail -f /var/log/auth.log -n 100
6. Firewall Configuration
Confirm that the firewall settings allow SSH traffic. If using a firewall like:
- iptables
- ufw
make sure the necessary ports (default is 22) are open.
sudo ufw allow 22
7. Update SSH Packages:
Ensure that both the client and server have up-to-date SSH packages installed.
Outdated software may have known issues that have been addressed in newer releases:
For Debian-based systems
sudo apt-get update && sudo apt-get upgrade
and for Red Hat:
sudo yum update
Conclusion:
By systematically addressing these common issues, you can troubleshoot and resolve SSH failed permission denied errors.
It's better to take a careful and step-by-step approach, by following well written guides and considering best practices when you create a new SSH key.