SSH permission denied

Question

I have problem logging using ssh to company server.

I have my local ~/.ssh/config;

Host target
  HostName xx.yy.zzz.aaa
  User abcd
  IdentityFile ~/.ssh/id_ed25519
  IdentitiesOnly=yes

I have other hosts and these works so I don't suppose the mistake here...

On the remote server I added the key to /home/abcd/.ssh/authorized_keys via root account and permissions in ~/.ssh/ looks good

drwx------ 2 abcd abcd 4096 Jul 31 21:14 .
drwxr-xr-x 3 abcd abcd 4096 Jul 31 21:07 ..
-rw------- 1 abcd abcd  104 Jul 31 21:14 authorized_keys

I also added myself to the ssh group and in /etc/ssh/sshd_config I added my username and the ssh group to allowed users/group. Also I've reloaded the sshd systemctl reload sshd

AllowUsers ab ba abc abcd
AllowGroups admin ssh root

The groups shouldn't make so much difference as AllowUsers is preferred over it, but it's still there ssh-copy-id won't work as password login is disabled.

But I still get permission denied (pubkey) so I must use different temporary accessible account What am I missing? Thanks

Answer 1

It works now. All the steps are in the question.

SSH server just needed some time to process the changes.

First the config:

HostName 77.111.222.333
User abcd
IdentityFile ~/.ssh/id_ed25519
IdentitiesOnly=yes

Add your PUBLIC key into ~/.ssh/authorized_keys on your server and make sure it's used when connecting into the server

Make sure for the permission are very strict both on server and local

drwx------ 2 abcd abcd 4096 Jul 31 21:14 .
-rw------- 1 abcd abcd  104 Jul 31 21:14 authorized_keys

In /etc/ssh/sshd_config make sure your username is in the AllowUsers list or if not present your group is in AllowGroups and verify you're the member of the group running groups $USER

If you checked this, try to reload the SSH service by systemctl reload sshd and wait until it works.

For hints on what could be wrong use -vvv verbose setting of SSH. But it didn't help me much :)