Accessing server with public/private key authentication failed

risocync

Registered
Jul 23, 2019
3
0
1
Indonesia
cPanel Access Level
Root Administrator
Helo, this is my first thread and want to ask for help if anyone here has the same case

This is the case:
Last week I can normally access my server using bitvise SSH client with password authentication method, but today I want to harden ssh with public key method which I can't configure correctly OR there must be misconfiguration with my public key setup, either at server side or client side. (Yes, I figured out that I don't know how to setup public/private key method from cpanel server with bitvise SSH client)

This is the error log from bitvise

14:36:22.109 Connection established.
14:36:22.321 Server version: SSH-2.0-OpenSSH_5.3
14:36:22.321 First key exchange started. Cryptographic provider: Windows CNG (x86) with additions
14:36:22.779 Received host key from the server. Algorithm: RSA, size: 2048 bits, SHA-256 fingerprint: 1xdysnwZXHpQQlIndtt5bVILooSGvziowjc2gqs3ZX0.
14:36:22.808 First key exchange completed using diffie-hellman-group14-sha1 (group 14, 2048-bit). Session encryption: aes256-ctr, integrity: hmac-sha2-256, compression: none.
14:36:23.020 Attempting publickey authentication. Testing client key 'Profile 1' for acceptance.
14:36:23.226 Authentication failed. The key has been rejected. Remaining authentication methods: 'publickey,gssapi-keyex,gssapi-with-mic'.


This is what I want to achieve
I want to gain access into my server using bitvise SSH client, with public/private key method instead of password authentication

What I have done before asking
I have read a lot of tutorial on how to use public/private key method (which maybe I don't really get it right)
I have generate the key on both size, and try to connect to the server
I have whitelist my ip address
I have changed the bitvise SSH client to putty, and got no difference


Any kind of response or how to solve this case will be very appreciated
Thank you
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,272
313
Houston

risocync

Registered
Jul 23, 2019
3
0
1
Indonesia
cPanel Access Level
Root Administrator
Hello @risocync

You mentioned you read some tutorials but were you able to check out the documentation here: Manage root's SSH Keys - Version 82 Documentation - cPanel Documentation

It should provide the exact steps you need to do this.

Then for the portion which will require Bitvise you should be able to get the information you need here: Public keys in SSH | Bitvise
Helo cPanelLauren,
I think my problem is solved, but still want to know what is wrong with my server

Here's what I did:
I decided to update whm to edge update (I got previous update blocked because of mysql problem)
I don't know what's wrong with the server, but after the update and I didn't touch anything related to public key, just skip and trying to login to my server using bitvise. And it authenticated successfully with my previous generated public key setup as I read in the both documentation (cpanel & bitvise).

Thank you for the reply, have a good day!
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,272
313
Houston
Hi @risocync

I wonder if the issue may have just been that SSH needed to be restarted, which would make sense after an update if the service had been updated. That's about all I can speculate though without more information, none the less I am glad to hear that it is now working.
 

risocync

Registered
Jul 23, 2019
3
0
1
Indonesia
cPanel Access Level
Root Administrator
Hi @risocync

I wonder if the issue may have just been that SSH needed to be restarted, which would make sense after an update if the service had been updated. That's about all I can speculate though without more information, none the less I am glad to hear that it is now working.
Yes, I thought about it too, but before I decided to ask to cpanel forum, I did several basic troubleshoot like sshd service restarted, reboot the server, changing SSH port, checking permission settings on public key file, checking firewall, whitelisting ip, change network connection (from my end) and got no good result

But in the end it solved, and I need to learn more from now on.