Repair SSH Failed Permission Denied (publickey,gssapi-keyex,gssapi-with-mic)

Introduction

The SSH Permission denied error seems after permission-related settings are modified on the SSH server. Standard eventualities embrace a brand new bundle set up or the creation of latest customers.

On this tutorial, you’ll discover ways to troubleshoot the SSH Permission denied error and reconnect to your SSH server.

How to Fix the SSH Permission Denied Error

Conditions

  • SSH shopper on the native machine and SSH server on the distant system
  • A consumer account to entry the distant server (for password-based login)
  • A consumer account with sudo or root privileges

What’s Inflicting SSH Permission Denied (publickey,gssapi-keyex,gssapi-with-mic)?

The SSH Permission denied error seems when making an attempt to SSH right into a server:

Permission denied (publickey,gssapi-keyex,gssapi-with-mic)
The SSH Permission denied error appearing after a login attempt

Following the Permission denied assertion, the bracket incorporates the tried authentication strategies that failed on the initiation of the connection. The error means that the general public key’s the difficulty, which is deceptive.

One cause for the error could also be sshd_config, the file that incorporates SSH server configuration. The opposite chance is that the authorized_keys file has inadequate permissions. This file incorporates the checklist of public keys for the purchasers allowed to SSH into the server. Consequently, the system’s incapacity to learn from the file ends in the Permission denied error.

repair SSH Permission denied 

Each options include steps it’s worthwhile to carry out on the server-side. Begin by opening the terminal in your server and proceed with one of many options under.

Answer 1: Allow Password Authentication

If you wish to use a password to entry the SSH server, an answer for fixing the Permission denied error is to allow password login within the sshd_config file.

To do that, open the file in a textual content editor.  This instance makes use of the nano editor:

sudo nano /and many others/ssh/sshd_config

Within the file, discover the PasswordAuthentication line and ensure it ends with sure.

Discover the ChallengeResponseAuthentication possibility and disable it by including no.

If traces are commented out, take away the hash signal # to uncomment them.

Editing the shhd_config file to enable password authentication to fix SH Failed Permission Denied (Publickey,Gssapi-Keyex,Gssapi-With-Mic)

Save the file and exit.

Restart the SSH service by typing the next command:

sudo systemctl restart sshd

Answer 2: Change File System Permissions

Utilizing the password-based login because the SSH authentication methodology just isn’t really useful on account of safety considerations. Subsequently, the next resolution could also be preferable because it troubleshoots the general public key authentication methodology.

First, open the sshd_config file utilizing a textual content editor:

sudo nano /and many others/ssh/sshd_config

Within the file, ensure that the next choices are set as follows:

PermitRootLogin no
PubkeyAuthentication sure
Editing the shhd_config file to enable public key authentication

Observe: The steps above are thought-about finest safety practices. If it’s worthwhile to use root login, set the related line to sure.

Remark out the GSSAPI-related choices by including the hash signal at first of the road:

#GSSAPIAuthentication sure
#GSSAPICleanupCredentials no
Editing the shhd_config file to comment out the GSSAPI-related options

Additionally, ensure that the UsePAM line is about to sure:

UsePAM sure
Editing the shhd_config file to enable UsePAM

Save the file and restart the sshd service:

systemctl restart sshd

Now navigate to your property folder and verify the permissions:

ls -ld
Checking home folder permissions

In case your proprietor permissions should not set to learn, write, and execute (drwx------), use the chmod command to vary them:

chmod 0700 /house/[your-username]

Now go to the .ssh folder and recheck the permissions:

ls -ld
Checking the .ssh folder permissions

This listing must also have learn, write, and execute permissions for the file proprietor. To implement them, use chmod once more:

chmod 0700 /house/your_home/.ssh

The .ssh folder incorporates the authorized_keys file. Examine its permissions with:

ls –ld authorized_keys
Checking the permissions of the authorized_keys file

The file proprietor ought to have learn and write permissions. To set them, use:

chmod 0600 /house/[username]/.ssh/authorized_keys

Now attempt logging in with the important thing pair once more. The output under reveals a profitable login try.

A successful SSH login attempt after troubleshooting

Conclusion

This tutorial coated the steps essential to troubleshoot the SSH Permission denied (publickey,gssapi-keyex,gssapi-with-mic) error. By finishing the steps within the information, you need to repair the error and efficiently SSH into your server.

Leave a Reply

Your email address will not be published. Required fields are marked *