2

I want to SSH into my Raspberry Pi, but for security reasons also don't want to keep the standard password raspberry for the standard user pi. There fore I used passwd to change pi's password. However, when I then try to ssh I get the errors

Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,password)

These errors are also the subject of a number of other threads, but none have answers that solve the problem for me.

I think it has something to do with the public key and it not changing with the password when one uses passwd. The reason being that if I change the password back to raspberry I can SSH just fine.

-EDIT- Verbose ssh added

-bash-4.1$ ssh -v [email protected]
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to xxx.xxx.xxx.xxx [xxx.xxx.xxx.xxx] port 22.
debug1: Connection established.
debug1: identity file /home/nfs/shijgenaar/.ssh/identity type -1
debug1: identity file /home/nfs/shijgenaar/.ssh/identity-cert type -1
debug1: identity file /home/nfs/shijgenaar/.ssh/id_rsa type -1
debug1: identity file /home/nfs/shijgenaar/.ssh/id_rsa-cert type -1
debug1: identity file /home/nfs/shijgenaar/.ssh/id_dsa type -1
debug1: identity file /home/nfs/shijgenaar/.ssh/id_dsa-cert type -1
debug1: identity file /home/nfs/shijgenaar/.ssh/id_ecdsa type -1
debug1: identity file /home/nfs/shijgenaar/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Raspbian-5+deb8u3
debug1: match: OpenSSH_6.7p1 Raspbian-5+deb8u3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'xxx.xxx.xxx.xxx' is known and matches the RSA host key.
debug1: Found key in /home/nfs/shijgenaar/.ssh/known_hosts:4
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/nfs/shijgenaar/.ssh/identity
debug1: Trying private key: /home/nfs/shijgenaar/.ssh/id_rsa
debug1: Trying private key: /home/nfs/shijgenaar/.ssh/id_dsa
debug1: Trying private key: /home/nfs/shijgenaar/.ssh/id_ecdsa
debug1: Next authentication method: password
[email protected]'s password:
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
[email protected]'s password:
asked Mar 28, 2017 at 15:03
6
  • 1
    Can you run ssh -v <your_raspberrypi>? That would provide you a much more verbose error message. Commented Mar 28, 2017 at 15:48
  • "I think it has something to do with the public key and it not changing with the password when one uses passwd." -> No, public keys and passwords are completely separate methodologies. You can enable either or both but normally you would only use one or the other (it might be possible to configure it to require both, but that is not the default case). If you are using a password and it fails, chances are it is because the password is incorrect. You can try connecting with ssh -vv to get more details and on the pi side, have a look in /var/log/auth.log. Commented Mar 28, 2017 at 15:58
  • @goldilocks I have added the verbose Commented Mar 29, 2017 at 7:51
  • It still looks as though the problem is the wrong password. You should try it with something simple and ascii, e.g., abc123, and double check the pi user can log in locally with that. The stuff about the public/private keys is just there because you have some on the remote computer and if sshd says it will accept them, the ssh client will try and apply them automatically. When that fails it falls back to password. You will see much the same thing if you do this when the password is working. Commented Mar 29, 2017 at 12:08
  • @goldilocks Thank you. Apparently the keyboard I was using on the Raspberry Pi has a different keyboard layout than the one on my laptop ^^' facepalm Commented Mar 29, 2017 at 12:54

2 Answers 2

0

Do you already have pub key in .ssh/authorized_keys? You need to enabled key based authentication in /etc/ssh/sshd_config:

PermitRootLogin no
AllowUsers pi
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile ~/.ssh/authorized_keys
PasswordAuthentication yes
UsePAM no

Maybe there is a typo while accessing the RPi with ssh?

answered Mar 28, 2017 at 15:23
1
  • Is there an option to login via SSH using just my user password for pi? I have tried PubkeyAuthentication no PasswordAuthentication yes but it doesn't help Commented Mar 29, 2017 at 9:07
0

It turns out I was indeed using the wrong password to login, seeing my laptop's keyboard has a different layout than the keyboard attached to my RaspberryPi. I can now SSH without a problem.

answered Mar 29, 2017 at 13:10

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.