I have been using plain ssh (username password checking) successfully. I am trying key authentication. Here is the issue - 3 computers:
A: Tumbleweed Desktop B: Ubuntu server C: Ubuntu desktop
A connects to B. It is prompted for a passphrase it accepts it.
This, to me, means it is checking the key for authentication.
B will connect to C or C connect to B Only if I enable “PasswordAuthenticaton yes” in sshd_config.
This to me means it is NOT checking keys. Both ask for, and accept, a username password. This is plain ssh.
Even though each has the others public key in its authorized_keys file.
This means:
A is Client
B is Server.
Have you generated a key on Client A:
ssh-keygen
Have you added the key from Client A to Server B with:
ssh-copy-id
Have you disabled Password authentication on Server B:
grep -i password /etc/ssh/sshd_config
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication no
PermitEmptyPasswords no
# Change to no to disable s/key passwords
# PasswordAuthentication. Depending on your PAM configuration,
# the setting of "PermitRootLogin without-password".
# PAM authentication, then enable this but set PasswordAuthentication
Yes, as I tried to say above “A” (Tumbleweed desktop) connects via passhrase to “B” (Ubuntu server), – “PasswordAuthentication” is set no in server**.**
Both public-keys for “A” & “C” (Ubuntu desktop)" are current, and have been double-checked and manually installed in “authorized_keys”.
If “PasswordAuthentication” set to no, in both “A” & “C” – neither connects.
If both reset to “Yes” – both connect.
If I reset only one, its one-way.
With password off in “C” it will not connect to “B” (server).
So, PubKey auth. is only working “A” to “B”
Right now, (see above) “A” has both Password & PubKey set to yes.
“B” still lets me in though.
I just ran a ssh -vvv flagged – “C” to “B” – whew, I’m trying to make sense of it.
If someone here is experienced in that debug, I’ll post the output.