The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Key authentication not working

Discussion in 'Security' started by Erjen, Sep 8, 2014.

  1. Erjen

    Erjen Member

    Joined:
    Jul 14, 2014
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi,

    I can't get this to work.
    I am using remote SFTP backup and trying to get this to work with key authentication (password authentication works fine). But it keeps giving me this error:
    Error: Validation for transport “randomname” failed: Permission denied (publickey,password).

    On the destination server, I generated a 4096 RSA key with a passphrase:
    Code:
    ssh-keygen -t rsa -b 4096
    After that, I copied the generated PUB key (id_rsa.pub) in ~/.ssh to authorized_keys
    Code:
    cp id_rsa authorized_keys/
    Then I set permissions of the .ssh and the authorized_keys folder to 600 and the pub key to 644 (also tried 600).

    Then I go to cPanel > Manage root’s SSH Keys and import the private key (id_rsa) and filled in the passphrase.

    After that, I go to the configuration of the remote destination (SFTP) and fill in the location of the private key (/root/.ssh/id_rsa. Also checked permissions and those are 600.

    Those are exactly the steps I did but without any success.


    I also generated a key with cPanel but same error.

    Any idea whats going wrong here?

    Thanks for any support!
     
  2. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    940
    Likes Received:
    55
    Trophy Points:
    28
    cPanel Access Level:
    DataCenter Provider
    Are you trying to sftp as root, or as another username?

    If you're trying to sftp as another username, the key needs to go in /home/username/.ssh/authorized_keys rather than root's home (~/.ssh/ if you're in as root).
     
  3. EH-Chris

    EH-Chris Member

    Joined:
    Sep 20, 2004
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    I'm running into the same issue-

    [backup_destination_validate] version [1].alidation for transport “keyed” failed: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
     
  4. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,145
    Likes Received:
    34
    Trophy Points:
    48
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hello,

    On the host server, ensure that the /etc/ssh/sshd_config contains the following lines, and that they are uncommented;

    Code:
    PubkeyAuthentication yes
    RSAAuthentication yes
     
  5. Erjen

    Erjen Member

    Joined:
    Jul 14, 2014
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I am trying as root and both lines are in the sshd_config file.

    I also set the path to:
    AuthorizedKeysFile /root/.ssh/authorized_keys
    And restarted SSH.

    So that can't be the issue I think.

    Any more ideas? Or should I create a support ticket?
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Please open a support ticket using the link in my signature so we can take a closer look. You can post the ticket number here so we can update this thread with the outcome.

    Thank you.
     
  7. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    940
    Likes Received:
    55
    Trophy Points:
    28
    cPanel Access Level:
    DataCenter Provider
    check /var/log/secure before you go too crazy ;)
     
  8. Erjen

    Erjen Member

    Joined:
    Jul 14, 2014
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    That one doesn't show any logs unfortunately :(
     
  9. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    940
    Likes Received:
    55
    Trophy Points:
    28
    cPanel Access Level:
    DataCenter Provider
    That is very odd. Any attempt at all to connect to the servers SSH server should be detailed in /var/log/secure on redhat/centOS systems.
     
Loading...

Share This Page