ssh to lish node got Permission denied (publickey)
I'm new to Linode. Considering switching from another hosting service. Just set up my compute instance. Having problems ssh-ing to the lish console through the shell.
What does work: ssh to my instance. Access the web-based lish console.
For ssh access to Lish, the instruction was
Here's the output with -v:
ssh -t -v btng@lish-us-west.linode.com gunney.net
OpenSSH_8.4p1 Debian-5+deb11u1, OpenSSL 1.1.1n 15 Mar 2022
debug1: Reading configuration data /home/brian/.ssh/config
debug1: /home/brian/.ssh/config line 30: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: hostname canonicalisation enabled, will re-parse configuration
debug1: re-parsing configuration
debug1: Reading configuration data /home/brian/.ssh/config
debug1: /home/brian/.ssh/config line 30: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: auto-mux: Trying existing master
debug1: Control socket "/home/brian/.ssh/btng@lish-us-west.linode.com:22" does not exist
debug1: Connecting to lish-us-west.linode.com [2600:3c01::f03c:91ff:fe93:e32e] port 22.
debug1: Connection established.
debug1: identity file /home/brian/.ssh/id_rsa type 0
debug1: identity file /home/brian/.ssh/id_rsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u1
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4p1 Debian-10+deb9u4
debug1: match: OpenSSH_7.4p1 Debian-10+deb9u4 pat OpenSSH_7.0,OpenSSH_7.1,OpenSSH_7.2,OpenSSH_7.3,OpenSSH_7.4,OpenSSH_7.5,OpenSSH_7.6,OpenSSH_7.7 compat 0x04000002
debug1: Authenticating to lish-us-west.linode.com:22 as 'btng'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:fwuaKryHbvtKjFFviDocnMTNKWXUzfZSGPY8mgLgiNM
debug1: Host 'lish-us-west.linode.com' is known and matches the ECDSA host key.
debug1: Found key in /home/brian/.ssh/known_hosts:64
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /home/brian/.ssh/id_rsa RSA SHA256:rOl9ziGuSXjdQPQXRcOspqTwPr/lSaYA1c6X3AKQAI0 explicit
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/brian/.ssh/id_rsa RSA SHA256:rOl9ziGuSXjdQPQXRcOspqTwPr/lSaYA1c6X3AKQAI0 explicit
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
btng@lish-us-west.linode.com: Permission denied (publickey).</ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521></implicit></implicit>
Thanks for helping!
4 Replies
watrick
Linode Staff
✓ Best Answer
Sorry about leading you toward a different DNS endpoint. I didn't realize we had changed what it presented in the Cloud Manager.
I admit that I was stumped, then I worked on a ticket for a customer who experienced the same issue. In that case, I reviewed their entire account and saw they had third-party authentication set up for their Cloud Manager user. If that is also the case for you, then you need to add your public key in your LISH Console Settings in the Cloud Manager.
watrick
Linode Staff
Thanks for including the input of your command. Based on what I see, the command you're using is incorrect.
Check out the Through SSH (Using a Terminal) section of our Lish guide:
Open a terminal window and enter the following command, replacing username with your Cloud Manager username, and location with your preferred Lish SSH gateway.
ssh username@locationFor example, logging in as user via the Newark gateway would look like:
ssh user@lish-newark.linode.com
Why this is different is that you'll need to connect to a Lish gateway before logging into your Linode. You can use any gateway, though we recommended the one closest to you. Based on what you were using, it looks like you're trying to connect to the Fremont Lish gateway. Instead, you'll want to use:
ssh btng@lish-fremont.linode.com
And then from there, you'll see the list of Linodes you're able to access via Lish. This list is case sensitive.
That gives the same error:
ssh btng@lish-fremont.linode.com
btng@lish-fremont.linode.com: Permission denied (publickey).
By the way, the reason I tried
ssh -t -v btng@lish-us-west.linode.com gunney.net
is because that's the instruction my compute instance's web page gave me. I could send you a screen shot if there's a way.