Solved ssh key - password not recognised

[fred974]

Hello, I have generated a new ssh key for a new jail and I am unable to login to the server with it.
Could anyone help me please?

uname -a

FreeBSD holy.trinitech.ltd 10.1-RELEASE-p9 FreeBSD 10.1-RELEASE-p9 #10: Thu Apr  9 14:58:33 BST 2015  root@trinity.trinitech.ltd:/usr/obj/usr/src/sys/TRINITYKERN  amd64

ssh -V

OpenSSH_6.6.1p1, OpenSSL 1.0.1l-freebsd 15 Jan 2015

cat /etc/ssh/sshd_config

Port 1613
ListenAddress 192.167.1.175
Protocol 2
SyslogFacility AUTH
LogLevel INFO
LoginGraceTime 30s
PermitRootLogin no
AllowUsers nobody
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
HostbasedAuthentication no
IgnoreRhosts yes
PasswordAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
KerberosAuthentication no
GSSAPIAuthentication no
GatewayPorts no
X11Forwarding no
PrintMotd yes
TCPKeepAlive yes
UsePrivilegeSeparation yes
ClientAliveInterval 300
ClientAliveCountMax 2
PermitTunnel yes
Banner /etc/ssh/ssh-banner
Subsystem  sftp  /usr/libexec/sftp-server

The key was generated using the following commands:
ssh-keygen -b 4096 -f ~/.ssh/id_rsa4096_test -C fred@FreeBSD_test -o -a 500
cat ~/.ssh/id_rsa4096_test.pub >> ~/.ssh/authorized_keys
sudo service sshd restart

On my Windows7 machine I use Cygwin64 Terminal to connect to my FreeBSD's machines.

C:\cygwin64\etc\ssh_config

Host trinity
  #Hostname 85.101.162.71 # When connecting directly to Extif
  Hostname 192.167.1.175  # when using OpenVPN
  User freebsdadmin
  Port 1613
  IdentityFile ~/.ssh/id_rsa4096_test.pub

Then when I try to connect to the server the passphrase is not accepted

$ ssh trinity

********************************************************************************  *
*  This system is for the use of authorized users only.  Usage of  *
*  this system may be monitored and recorded by system personnel.  *
*  *
*  Anyone using this system expressly consents to such monitoring  *
*  and is advised that if such monitoring reveals possible  *
*  evidence of criminal activity, system personnel may provide the  *
*  evidence from such monitoring to law enforcement officials.  *
*  *
********************************************************************************  *
Enter passphrase for key '/home/fetheve/.ssh/open_SSL_trinity_newKey.pub':
Enter passphrase for key '/home/fetheve/.ssh/open_SSL_trinity_newKey.pub':
Enter passphrase for key '/home/fetheve/.ssh/open_SSL_trinity_newKey.pub':
Permission denied (publickey).

Thank you

 

[tobik@]

You add the public key to ~/.ssh/authorized_keys (which you did) and use the private key (the one not ending with .pub) on the client. You used the public key on both client and server.

You need to copy your private key to your Windows machine if you haven't already.

 

[tetragir]

Hi,

Unfortunately it's not clear to me, if trinity is the FreeBSD host machine, you want to reach with SSH? Is it important, that the machine has jails? Or you want to reach a jail?
Anyway, did you generate the SSH key on the machine, you want to reach? It seems to me, that you have generated an SSH key on the SSH server, not on the SSH client. The easiest is to generate an SSH key on the client, upload the public key to the server and then you can reach your server (with ssh-copy-id user@123.45.56.78). There is a quite good guide made by DigitalOcean: https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys--2 (altough it has been written for Linux, you can set up the SSH key authentication the same way on FreeBSD).