5 Replies Latest reply: Sep 22, 2007 3:12 AM by Tim Haigh
jnm3 Level 1 (0 points)
Trying to ssh and I get the following message:

Permission denied (publickey,keyboard-interactive)

The first time I ran ssh it added the (RSA) to the list of know hosts... But then drop'd to the command line with the above message... Any ideas, why?

Thank you

iMac, Mac OS X (10.4.10)
  • j.v. Level 5 (4,155 points)
    You are using the login account name of a valid account on the remote machine, and not the local machine on which you are currently typing? You are using the short user name (and not the long user name) of that valid account on the remote machine as the login username? And you are certain that the password you are entering is the correct password for that account on the remote machine?
  • Tim Haigh Level 7 (24,185 points)
    Why not copy your public key onto the server into ~/.ssh/authorized_keys

    Then you will not be prompted for a password.

  • jnm3 Level 1 (0 points)
    I'm totally new to the imac/apple world and would like to add the key to ~/.ssh/authorized_key, How?
  • j.v. Level 5 (4,155 points)
    you would have had to create a key pair using the ssh-keygen command, then transport the id_rsa.pub or id_dsa.pub to the server computer via memory stick or some other means, and then do
    cat /Volumes/NameOfMemStick/id_rsa.pub >> ~.ssh/authorized_keys 
    cat /Volumes/NameOfMemStick/id_dsa.pub >> ~.ssh/authorized_keys2 
    (assuming that you physically delivered it to the other computer via memstick) depending on what kind of key pair you created.
  • Tim Haigh Level 7 (24,185 points)
    I only use DSA keys to login to the servers I administrate. The command to generate a public and private key is

    ssh-keygen -b 1024 -t dsa

    you will then be prompted where to save the keys press enter to save them in the default location.

    Generating public/private dsa key pair.
    Enter file in which to save the key (/Users/user/.ssh/id_dsa):

    The keys will then be saved


    then you will be prompted to enter a passphrase. Dont enter a passphrase just press enter twice.

    Enter passphrase (empty for no passphrase):

    The terminal will now display the key fingerprint.

    Now in your .ssh directory you need to copy id_dsa.pub to your user account on the server and add it to the file authorized_keys2

    they way I do this is to use the scp command

    scp /Users/user/.ssh/id_dsa.pub serveraddress:

    I then ssh into the server and issue this command

    cat id_dsa.pub >> /Users/user/.ssh/authorized_keys2

    This is useful as it will add the key to the end of the file authorized_keys2. so if you add any subsequent keys you will not overwrite the previous key. This is useful if you login to servers from different computers.

    Once you have your public key working you can disabled password authentication and use public key authentication only. This makes your server very secure.