Platinum Partner
server,devops,linux,ubuntu,encryption,ssh,pka

Tried Everything and SSH with PKA Still Not Working?

I recently ran into the situation in which I couldn’t get PKA to work when SSHing into my Ubuntu server. I checked the key pair (works fine SSHing into other servers), directory permissions, /etc/ssh/sshd_config, /var/log/auth.log, all that. Ran ssh -vvv but nothing obvious other than the server wasn’t accepting my PKA authentication. I’m not a systems guy, but I’ve set this up often enough that I couldn’t figure out for the life of me why it kept going for password authentication.

Finally found the answer: my home directory is encrypted. SSH can’t read the ~/.ssh/authorized_keys file until I log in, so it rejects the PKA auth and goes to password.

The solution is to place the authorized_keys file in an alternative location (e.g., /etc/ssh/<username>/authorized_keys), reconfigure sshd_config to use that location, set permissions, and restart the SSHD server. It’s here, under Troubleshooting.

Hope that helps somebody out. It was driving me bonkers.

Published at DZone with permission of {{ articles[0].authors[0].realName }}, DZone MVB. (source)

Opinions expressed by DZone contributors are their own.

{{ tag }}, {{tag}},

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}
{{ parent.authors[0].realName || parent.author}}

{{ parent.authors[0].tagline || parent.tagline }}

{{ parent.views }} ViewsClicks
Tweet

{{parent.nComments}}