Permission denied (publickey).

Whenever I tried to ssh from one of my Google Cloud VMs to another, I got an error message. SSH asks me if I want to continue connecting, and when I say "yes", I get:

Permission denied (publickey).

If I just type enter (fingerprint), I get

Host key verification failed.

Here I want to show you how to resolve this.

The reason for this error message is that password logins are disabled by default, and that is a very sensible default. So we have to use host keys. A host key consists of a public and a private part. Let's create it right away. Use any VM, log in via browser-ssh and issue:

ssh-keygen -t rsa

Confirm all the defaults (even a hen could do this if you put enough corns onto the Enter key).

Let's look at your public key:

$ cat .ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCWo9/5gZ6Du51Rz3T7MOqgJg3aHPqw8CzVw20+DxeUh5FEGuZWQmRpToI7yH+9pR6JgqThJQ/MUyFELKKuKN4uafpOzPwclrLqv9oP+CWp3dYv020u3847eqBxotltD1L8o5D5+O1REbKKOlGQxyrs0xdYVuA3vm2UYH5aFXxs0BDlJTrKXYjjAOy6a6wliSAd5AlDGa3X6N0+pGFjURq3bF+QdqxBxPfYkbOE4ldCSbWSVPL9wkRLriyOgkHCBnBumsN6y19LFZwPVIZetzatM6RuFF/995cvtMVpKnxAvRd2jVefRaI9SSFQ9WL3Coo9cbpa0j1DuugqIElLc+oP thorsten@instance-2

This guy must now go into authorized_keys and your ssh query will be accepted whereever this file contains this public key. To put it into authorized_keys, you must find out if OS Login is enabled or not. OS Login manages (and overwrites) the authorized_keys file inside the operating system for you.

To find out if OS Login is enabled, go to the project metadata in Cloud Console:

In the following picture it is disabled:


If OS Login is disabled, log in via browser ssh to the target VM and add your key to authorized_keys:
$ cat id_rsa.pub >>~/.ssh/authorized_keys
(use copy-and-paste, terminate the input by typing CTRL_D)

If OS Login is enabled, add the key to the project's metadata, there is a tab "SSH keys":
Now it works:
thorsten@instance-2:~$ ssh 34.123.85.213
Welcome to Ubuntu 20.04.3 LTS (GNU/Linux 5.11.0-1022-gcp x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

  System information as of Sat Jun  4 22:33:39 UTC 2022

  System load:  0.0               Processes:             138
  Usage of /:   84.3% of 9.52GB   Users logged in:       1
  Memory usage: 39%               IPv4 address for ens4: 10.128.0.5
  Swap usage:   0%


369 updates can be applied immediately.
245 of these updates are standard security updates.
To see these additional updates run: apt list --upgradable


Last login: Sat Jun  4 22:04:09 2022 from 34.122.183.250
thorsten@guacamole-2:~$ 




Comments

Popular posts from this blog

Set up a webcam with Linux

PuTTY: No supported authentication methods available

My SAT>IP Server