# ssh: "Permission denied (publickey,password) [solved]

## evoweiss

Hi all,

I am experiencing a bit of frustration in trying to work out why I am unable to ssh into my system. I use password authentication and it worked fine for many years before now. I just switched to a new ISP, but they're very reasonable and do not have any weird policies forbidding one from doing stuff like that. I suspect something has gone awry in one of my config files.

Anyway, what happens it that, when I ssh into my system under my username (I do have a shell for that user) and type in the user password I get the following:

```

x@x.x.com's password: 

Permission denied, please try again.

x@x.x.com's password: 

Permission denied, please try again.

x@x.x.com's password: 

Permission denied (publickey,password).

```

My /etc/ssh/sshd_config file is exactly the same as my work computer into which I can ssh.

Any help would be hugely appreciated!

Best,

AlexLast edited by evoweiss on Sat Nov 05, 2011 1:48 pm; edited 1 time in total

----------

## truc

Can you ssh to x@x.x.com from an another place? If so, then that's a really weird, otherwise, triple-check the username and of course the password!

----------

## evoweiss

 *truc wrote:*   

> Can you ssh to x@x.x.com from an another place? If so, then that's a really weird, otherwise, triple-check the username and of course the password!

 

Nope, I tried sshing into x.x.com from two different machines (I ssh'd into them and then tried to ssh into x.x.com). I also tried to ssh into x.x.com from x.x.com. Nothing worked.

The password is the same one I use day in and day out. I have tried dozens of times already and have had zero luck.

I'll post the verbose ssh results.

```

OpenSSH_5.3p1 Debian-3ubuntu7, OpenSSL 0.9.8k 25 Mar 2009

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: Applying options for *

debug2: ssh_connect: needpriv 0

debug1: Connecting to x.x.com [1.2.3.4] port 22.

debug1: Connection established.

debug1: identity file /home/me/.ssh/identity type -1

debug3: Not a RSA1 key file /home/me/.ssh/id_rsa.

debug2: key_type_from_name: unknown key type '-----BEGIN'

debug3: key_read: missing keytype

debug2: key_type_from_name: unknown key type 'Proc-Type:'

debug3: key_read: missing keytype

debug2: key_type_from_name: unknown key type 'DEK-Info:'

debug3: key_read: missing keytype

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug3: key_read: missing whitespace

debug2: key_type_from_name: unknown key type '-----END'

debug3: key_read: missing keytype

debug1: identity file /home/me/.ssh/id_rsa type 1

debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-4096

debug1: Checking blacklist file /etc/ssh/blacklist.RSA-4096

debug1: identity file /home/me/.ssh/id_dsa type -1

debug1: Remote protocol version 2.0, remote software version dropbear_0.46

debug1: no match: dropbear_0.46

debug1: Enabling compatibility mode for protocol 2.0

debug1: Local version string SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu7

debug2: fd 3 setting O_NONBLOCK

debug1: SSH2_MSG_KEXINIT sent

debug3: Wrote 792 bytes for a total of 831

debug1: SSH2_MSG_KEXINIT received

debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

debug2: kex_parse_kexinit: ssh-rsa,ssh-dss

debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se

debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se

debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96

debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96

debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib

debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib

debug2: kex_parse_kexinit: 

debug2: kex_parse_kexinit: 

debug2: kex_parse_kexinit: first_kex_follows 0 

debug2: kex_parse_kexinit: reserved 0 

debug2: kex_parse_kexinit: diffie-hellman-group1-sha1

debug2: kex_parse_kexinit: ssh-rsa

debug2: kex_parse_kexinit: 3des-cbc

debug2: kex_parse_kexinit: 3des-cbc

debug2: kex_parse_kexinit: hmac-sha1,hmac-md5

debug2: kex_parse_kexinit: hmac-sha1,hmac-md5

debug2: kex_parse_kexinit: none

debug2: kex_parse_kexinit: none

debug2: kex_parse_kexinit: 

debug2: kex_parse_kexinit: 

debug2: kex_parse_kexinit: first_kex_follows 0 

debug2: kex_parse_kexinit: reserved 0 

debug2: mac_setup: found hmac-md5

debug1: kex: server->client 3des-cbc hmac-md5 none

debug2: mac_setup: found hmac-md5

debug1: kex: client->server 3des-cbc hmac-md5 none

debug2: dh_gen_key: priv key bits set: 205/384

debug2: bits set: 523/1024

debug1: sending SSH2_MSG_KEXDH_INIT

debug1: expecting SSH2_MSG_KEXDH_REPLY

debug3: Wrote 144 bytes for a total of 975

debug3: check_host_in_hostfile: filename /home/me/.ssh/known_hosts

debug3: check_host_in_hostfile: match line 1

debug3: check_host_in_hostfile: filename /home/me/.ssh/known_hosts

debug3: check_host_in_hostfile: match line 2

debug1: Host 'x.x.com' is known and matches the RSA host key.

debug1: Found key in /home/me/.ssh/known_hosts:1

debug2: bits set: 532/1024

debug1: ssh_rsa_verify: signature correct

debug2: kex_derive_keys

debug2: set_newkeys: mode 1

debug1: SSH2_MSG_NEWKEYS sent

debug1: expecting SSH2_MSG_NEWKEYS

debug3: Wrote 16 bytes for a total of 991

debug2: set_newkeys: mode 0

debug1: SSH2_MSG_NEWKEYS received

debug1: SSH2_MSG_SERVICE_REQUEST sent

debug3: Wrote 48 bytes for a total of 1039

debug2: service_accept: ssh-userauth

debug1: SSH2_MSG_SERVICE_ACCEPT received

debug2: key: /home/me/.ssh/identity ((nil))

debug2: key: /home/me/.ssh/id_rsa (0x7fefdacdca50)

debug2: key: /home/me/.ssh/id_dsa ((nil))

debug3: Wrote 64 bytes for a total of 1103

debug1: Authentications that can continue: publickey,password

debug3: start over, passed a different list publickey,password

debug3: preferred gssapi-keyex,gssapi-with-mic,gssapi,publickey,keyboard-interactive,password

debug3: authmethod_lookup publickey

debug3: remaining preferred: keyboard-interactive,password

debug3: authmethod_is_enabled publickey

debug1: Next authentication method: publickey

debug1: Trying private key: /home/me/.ssh/identity

debug3: no such identity: /home/me/.ssh/identity

debug1: Offering public key: /home/me/.ssh/id_rsa

debug3: send_pubkey_test

debug2: we sent a publickey packet, wait for reply

debug3: Wrote 616 bytes for a total of 1719

debug1: Authentications that can continue: publickey,password

debug1: Trying private key: /home/me/.ssh/id_dsa

debug3: no such identity: /home/me/.ssh/id_dsa

debug2: we did not send a packet, disable method

debug3: authmethod_lookup password

debug3: remaining preferred: ,password

debug3: authmethod_is_enabled password

debug1: Next authentication method: password

me@x.x.com's password: 

debug3: packet_send2: adding 64 (len 58 padlen 6 extra_pad 64)

debug2: we sent a password packet, wait for reply

debug3: Wrote 144 bytes for a total of 1863

debug1: Authentications that can continue: publickey,password

Permission denied, please try again.

me@x.x.com's password: 

debug3: packet_send2: adding 64 (len 58 padlen 6 extra_pad 64)

debug2: we sent a password packet, wait for reply

debug3: Wrote 144 bytes for a total of 2007

debug1: Authentications that can continue: publickey,password

Permission denied, please try again.

me@x.x.com's password: 

debug3: packet_send2: adding 64 (len 58 padlen 6 extra_pad 64)

debug2: we sent a password packet, wait for reply

debug3: Wrote 144 bytes for a total of 2151

debug1: Authentications that can continue: publickey,password

debug2: we did not send a packet, disable method

debug1: No more authentication methods to try.

Permission denied (publickey,password).

```

----------

## evoweiss

 *truc wrote:*   

> Can you ssh to x@x.x.com from an another place? If so, then that's a really weird, otherwise, triple-check the username and of course the password!

 

I think I replied too quickly without reading correctly. I have been trying to ssh into the system from another place all along. See my other message for more details.

Sorry, it's been a rough week.

Best,

Alex

----------

## evoweiss

Hi,

I'm not sure if this is relevant information or not, but the only thing my sshd/current log shows is:

```

Nov 04 22:54:16 [sshd] Server listening on 0.0.0.0 port 22.

```

In other words, it's as if ssh never received the password if that makes sense.

Best,

Alex

----------

## krinn

 :Smile:  because it happen to me one day...

Are you sure you are connecting to the right host ? Hmmm, that you try to connect to someone's computer that also own sshd running but you keep getting kick because it's just not your.

Your sshd log should show your logging attempts and not just that the server is listening, and as you said you switch isp, you might have still old dns refering to your old IP....

----------

## evoweiss

 *krinn wrote:*   

>  because it happen to me one day...
> 
> Are you sure you are connecting to the right host ? Hmmm, that you try to connect to someone's computer that also own sshd running but you keep getting kick because it's just not your.
> 
> Your sshd log should show your logging attempts and not just that the server is listening, and as you said you switch isp, you might have still old dns refering to your old IP....

 

Ah, nice insight. It was connecting to my IP address (I looked it up), but it was going into my router and not to my computer (you can telnet into my router). I have a new router and must have forgotten to set something up.

Best

Alex

----------

## krinn

Please mark it solve so others users could filter easy a solve exist.

LOL, now think your IP is now log into that guy sshd log and seen all your attempts, he will think about yourself : "damn hackers scripts kids rats!"

----------

## evoweiss

 *krinn wrote:*   

> Please mark it solve so others users could filter easy a solve exist.
> 
> LOL, now think your IP is now log into that guy sshd log and seen all your attempts, he will think about yourself : "damn hackers scripts kids rats!"

 

Actually, it's my router that I was trying to get into, so my ISP won't see it so far as I can tell. Still funny.

Anyway, after a bit of configuration-foo with the modem/router, it seems to be working. Thanks for helping me see what should have been obvious.  :Smile: 

Best,

Alex

----------

