Your ssh client is trying password authentication before public key authentication.
Check your ~/.ssh/config and /etc/ssh/ssh_config files for a PreferredAuthentications entry.
I see similar behavior if I add the following entry to my ~/.ssh/config file:
PreferredAuthentications password,publickey
If you have something like that in either of the aforementioned files, comment it out.
Don't use a password. Generate a passphrase-less SSH key and push it to your VM.
If you already have an SSH key, you can skip this step…
Just hit Enter for the key and both passphrases:
$ ssh-keygen -t rsa -b 2048
Generating public/private rsa key pair.
Enter file in which to save the key (/home/username/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/username/.ssh/id_rsa.
Your public key has been saved in /home/username/.ssh/id_rsa.pub.
Copy your keys to the target server:
$ ssh-copy-id id@server
id@server's password:
Now try logging into the machine, with ssh 'id@server', and check-in:
.ssh/authorized_keys
Note: If you don't have .ssh dir and authorized_keys file, you need to create it first
to make sure we haven’t added extra keys that you weren’t expecting.
Finally, check to log in…
$ ssh id@server
id@server:~$
You may also want to look into using ssh-agent if you want to try keeping your keys protected with a passphrase.
Best Answer
gives you the list of client supported algorithms. The server ones you will get from
sshd -T | grep kex(on the server of course).And if you want to remove one, just take the list you get from previous command, remove the algorithm you are interested in and put it in the
/etc/ssh/sshd_config(or replace existing line there with the kex algorithms).