I'm following this tutorial: Raspberry Pi - SSH Public Key Authentication, but I'm generating the keys directly on my Raspberry.
So this is exactly what I did:
start a fresh Raspbian image
ssh-keygen -t rsa -C "my_name"
Saved at default folder /home/pi/.ssh
Copied the public key id_rsa.pub to /home/pi/.ssh/authorized_keys
using the command:
cd /home/pi/.ssh
mkdir authorized_keys
cp id_rsa.pub authorized_keys/
so then I've gone to authorized_keys with
cp authorized_keys
and there was my public key in the format
ssh-rsa big_string_here my_name
then I copied the private key to my pen drive using
cp id_rsa /media/PENDRIVE
Opened puttygen, gone to Conversions, imported the key from my pen drive, saved the private key also in my pen drive, then opened Putty and started a connection to my Raspberry Pi. It asks me to type the user I want to connect, I type pi and then the terminal writes this:
"server refused our key"
And gives the error:
Disconnected: No supported authentication methods available (server sent: public key)
I've already formatted my Pi 3 times and tried this with a fresh installation, but I'm getting these errors.
Could someone help me?
UPDATE:
When I try to log from the same raspberry pi, it says: Permission denied (public key).
When I see the permissions of the file id_rsa.pub inside authorized_keys I get:
-rw-r--r-- 1 root root 387 Fevb 16 14:06 id_rsa.pub
is everything alright?
Update 2:
It looks like that authorized_keys is a file not a directory.
So I changed it to a file and now there are the permissions:
-rw------- 1 root root 387 Apr 25 18:44 authorized_keys
-rw------- 1 pi pi 1766 ... id_rsa
-rw-r--r-- 1 root root 387 ... ida_rsa.pub
I think authorized_keys must be owned by pi, also?
UPDATE 3:
Changed group and user to pi and it worked. Thank you all.
2 Answers 2
authorized_keys is a text file, not a directory. Copying your public key in it means to copy-paste the text of your key in it on it's own line.
Try this to fix:
rm -rf ~/.ssh/authorized_keys
cp ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys
This will remove the directory you have created and create a new file as a copy from your public key. Don't do the same thing for adding additional keys, otherwise you would be overwriting the existing ones.
Additionally set ownership and privs.
On the computer you will sit at, the one running PuTTY, you need both a public and private key. You need to append that same public key to the ~/.ssh/authorized_keys file for your account on the remote computer, the RPi, in order to use it. (It's not a good idea to delete or overwrite authorized_keys if you've got more than one remote key you want to connect with.)
It sounds to me like you're generating the keys on the remote computer, the RPi, not the one you will sit at, running PuTTY, to access that remote computer. I may have misunderstood.
You need to have both the private and corresponding private keys on the PuTTY computer, then copy the public key to the authorized_keys for your account on the RPi. You should then be able to configure PuTTY to use the private key and be able to connect to the RPi on your account without a password.
-
Well, I'm generating it in the pi, and after that I deleted the private key from there and sent it to the client computer.magro– magro2015年04月26日 02:31:38 +00:00Commented Apr 26, 2015 at 2:31
-
-
I've edited my answer for clarity.bobstro– bobstro2015年05月13日 13:32:10 +00:00Commented May 13, 2015 at 13:32