1

I had keys set up for SSH'ing to a remote server without password, however they no longer work. The only change I can think of is that I install HomeBrew - I did not update / install a new OpenSSH.

My approach for keys:

% ssh-keygen -t rsa

Copy id_rsa.pub to remote server and append to

~/.ssh/authorized_keys

But now I am being asked for passwords each time I login. Is this related to HomeBrew? My friend is able to access the same server using the same approach on the same model of MacBook Pro, prior to installing HomeBrew.

Edit:

% ssh -vvv host
...
debug1: Offering public key: /Users/jamieborder/.ssh/id_rsa RSA SHA256:1WyWpE6/LdZHP5lbhWF9I8rF4NUBhopfTm9nJ/2Iros explicit
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug3: send packet: type 50
debug2: we sent a keyboard-interactive packet, wait for reply
debug3: receive packet: type 60
debug2: input_userauth_info_req: entering
debug2: input_userauth_info_req: num_prompts 1
...
Improve this question
6
  • 1
    I can’t see how installing Homebrew would break SSH. Have you tried connecting anf manually specifying the identity fike? Commented Jan 19, 2023 at 23:58
  • I thought it might've changed permissions or something. What do you mean manually sorry? I've added 'Host xx\nIdentityFile ~/.ssh/id_rsa' to my ~/.ssh/config Commented Jan 20, 2023 at 0:02
  • What does ssh -vvv host say the problem is? Commented Jan 20, 2023 at 0:09
  • Added what I think is relevant section of output to edit, thanks Commented Jan 20, 2023 at 0:11
  • And also tried `ssh -i ~/.ssh/id_rsa host' with same result. Commented Jan 20, 2023 at 0:29

1 Answer 1

Reset to default
3

Based on the logs you shared, you may want to check why this is present:

debug2: we did not send a packet, disable method

It seems this error log isn't very specific from client side logging, to have more information, you might want to enable server side logging, also check some potential root cause

Enable server side logging

I found this answer from TripeHound where he explains how to run a local sshd server, which allows you to see both client and server side logs:

Start a new SSH Server instance on a new port in debug mode with:

/usr/sbin/sshd -d -p 2222

then connect to it from the client with:

ssh -p 2222 user@host

You can then check authentication failures using (more info here):

grep 'sshd' /var/log/auth.log

Troubleshooting options

Hopefully server side logs will help, in any case here are some possible root causes for that error that were shared on this post

  • Post 1 Login shell for the account is set incorrectly in /etc/passwd

Make sure shell used to login has been changed by somebody else, if you use a shared user to connect for example, maybe check with your friend as he can access the server

  • Post 2 Bad permissions on the home directory, ssh keys, config folder
chmod g-w /home/user
chmod 700 /home/user/.ssh
chmod 600 /home/user/.ssh/authorized_keys
  • Post 3 A malformed authorized_keys file on the destination host

Hope this helps, don't hesitate to provide more information if it doesn't (like server-side logs)

Improve this answer
3
  • 1
    You need to summarise the information provided in the links, and provide enough detail that others can confirm the answer is correct. Just posting links isn't helpful, as if they disappear, then your answer is meaningless. An answer should be self-contained where possible. Commented Feb 5, 2023 at 1:00
  • 1
    Thanks for your helpful feedback, I didn't think about that, it makes sens indeed ! Updated, don't hesitate if you spot more improvements Commented Feb 5, 2023 at 13:06
  • 1
    Thanks for the very in-depth response. The issue was the permissions of my home directory on the remote server (related to post 2), which was not something I thought I was able to change. Commented Feb 6, 2023 at 4:49

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.