SSH
Oleg, 2018-06-18 23:51:38

Why doesn't it allow ssh (Permission denied (publickey)) from the second IP?

Configured SSH access to a remote machine using keys. The key has been copied from the client to the server.
Access by: ssh external_ip
works great.
An OpenVPN server is up on the remote machine. Trying to access it by the tun interface IP (10.8.0.1) results in a "Permission denied (publickey)" error.
Judging by the logs (ssh -v), the problem is that in the second case SSH cannot find the required key in ~/.ssh/known_hosts - I have a non-standard key file name (different keys for different machines).
The connection with an explicit key file succeeds, but apparently does not add an entry to ~/.ssh/known_hosts - a second attempt to connect without specifying the file leads to the same error.
What does not add clarity is that the file ~/.ssh/known_hosts is hashed - the IPs of remote machines are not visible.
How can I make the SSH client remember that the same key is used for 2 different IPs of the remote machine?

Successful connection log
debug1: Server host key: ssh-ed25519 SHA256:_some_host_key_
debug1: Host '10.8.0.1' is known and matches the ED25519 host key.
debug1: Found key in /home/user/.ssh/known_hosts:7
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: ED25519 SHA256:_some_key_ .ssh/id_ed25519_my_remote_machine
debug1: Server accepts key: pkalg ssh-ed25519 blen 51
debug1: Authentication succeeded (publickey).

Connection log with an error
debug1: Server host key: ssh-ed25519 SHA256:_some_host_key_
debug1: Host '10.8.0.1' is known and matches the ED25519 host key.
debug1: Found key in /home/user/.ssh/known_hosts:7
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/user/.ssh/id_rsa
debug1: Trying private key: /home/user/.ssh/id_dsa
debug1: Trying private key: /home/user/.ssh/id_ecdsa
debug1: Trying private key: /home/user/.ssh/id_ed25519
debug1: Trying private key: /home/user/.ssh/id_xmss
debug1: No more authentication methods to try.
[email protected]: Permission denied (publickey).

3 answer(s)
krypt3r, 2018-06-19
@Batiskaf_stv

Set up ~/.ssh/config to set up different keys for different servers
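
A sketch of the ~/.ssh/config approach from this answer, as an added example that is not part of the original answer. It uses the two addresses and the key file name from the question's logs; `external_ip` is the question's own placeholder and the `HostKeyAlias` name is hypothetical.

```sshconfig
# ~/.ssh/config (added example; addresses and key file name are taken from
# the question, "external_ip" is the question's own placeholder)

# One block for both addresses of the same machine: the public address and
# the OpenVPN tun address. In the failing log ssh only tried the default
# names (id_rsa, id_dsa, id_ecdsa, id_ed25519, id_xmss); the key with the
# custom file name is never offered unless -i or IdentityFile names it.
Host external_ip 10.8.0.1
    IdentityFile ~/.ssh/id_ed25519_my_remote_machine
    # Offer only the key listed above, not every key loaded in ssh-agent.
    IdentitiesOnly yes
    # Optional: store and check the server's host key under one name for both
    # addresses. The alias is a hypothetical name; ssh will ask to confirm the
    # host key once under it.
    # HostKeyAlias my_remote_machine

# known_hosts holds server host keys and plays no part in choosing the client
# key. Both logs show "Host '10.8.0.1' is known and matches the ED25519 host
# key", so that step already passes. A hashed known_hosts can still be queried:
#   ssh-keygen -F 10.8.0.1
```

With this block in place, `ssh -v 10.8.0.1` should show an "Offering public key" line for the custom key file, as in the successful log, instead of the "Trying private key" lines for the default names.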

hulitolku, 2020-06-13
@hulitolku

helped me
chmod 600 ~/.ssh/authorized_keys

Saboteur, 2018-06-19
@saboteur_kiev

Judging by the logs (ssh -v), the problem is that in the second case, SSH cannot find the required key in ~/.ssh/known_hosts - I have a non-standard key file name (different keys for different machines).

known_hosts contains a list of known hosts.
The key file is located, for example, in id_rsa or id_dsa.
