Answer the question
In order to leave comments, you need to log in
Why doesn't it allow ssh (Permission denied (publickey)) from the second IP?
Configured SSH access to a remote machine using keys. The key has been copied from the client to the server.
Access by: ssh external_ip
works great.
An OpenVPN server is up on the remote machine. When trying to access by IP tun-interface (10.8.0.1) results in a "Permission denied (publickey)" error.
Judging by the logs ( ssh -v ), the problem is that in the second case, SSH cannot find the required key in ~/.ssh/known_hosts - I have a non-standard key file name (different keys for different machines).
The connection with an explicit key file passes, but apparently does not add an entry to ~/.ssh/known_hosts - a second attempt to connect without specifying the file leads to the same error.
What does not add clarity is that the file~/.ssh/known_hosts is hashed - IPs of remote machines are not visible.
How can I make the SSH client remember that there is 1 same key for 2 different IP remote machines?
debug1: Server host key: ssh-ed25519 SHA256:_some_host_key_
debug1: Host '10.8.0.1' is known and matches the ED25519 host key.
debug1: Found key in /home/user/.ssh/known_hosts:7
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: ED25519 SHA256:_some_key_ .ssh/id_ed25519_my_remote_machine
debug1: Server accepts key: pkalg ssh-ed25519 blen 51
debug1: Authentication succeeded (publickey).
debug1: Server host key: ssh-ed25519 SHA256:_some_host_key_
debug1: Host '10.8.0.1' is known and matches the ED25519 host key.
debug1: Found key in /home/user/.ssh/known_hosts:7
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/user/.ssh/id_rsa
debug1: Trying private key: /home/user/.ssh/id_dsa
debug1: Trying private key: /home/user/.ssh/id_ecdsa
debug1: Trying private key: /home/user/.ssh/id_ed25519
debug1: Trying private key: /home/user/.ssh/id_xmss
debug1: No more authentication methods to try.
[email protected]: Permission denied (publickey).
Answer the question
In order to leave comments, you need to log in
Set up ~/.ssh/config to set up different keys for different servers
Judging by the logs (ssh -v), the problem is that in the second case, SSH cannot find the required key in ~/.ssh/known_hosts - I have a non-standard key file name (different keys for different machines).
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question