I have set up an EC2 instance with ArchLinux for a client, and I am currently in the testing phase.
I am using PuTTY from Windows 8 to SSH into the machine. I have set up the connection profile correctly, and specified the correct key file.
When trying to login, I am presented with the option to choose which user I want to login as. I choose "root" and the connection proceeds with no problem, though I am not asked for the root password.
I want to forbid root logins, but when trying to login as any other user I get from the system:
Server refused our key
Also I get a popup window saying:
Disconnected: No supported authentication methods available (server sent: publickey)
Why is it that I cannot login as any other user? It is very important for me to forbid root logins.
On a side note, is it normal that I am not prompted for the root password?
Best Answer
Check that your public SSH key is installed into the
/home/non-root/.ssh/authorized_keys
file for thenon-root
user. TheServer refused our key
message suggests that it isn't or isn't installed correctly.If you want to use the same SSH key for both
root
and yournon-root
users, it might be as simple as copying the/root/.ssh/authorized_keys
file into/home/non-root/.ssh/authorized_keys
.Also the message
Disconnected: No supported authentication methods available (server sent: publickey)
seems to suggest that this SSH server is only configured to allow authentication with SSH keys. If you want to allow password-based authentication also, addPasswordAuthentication yes
to your/etc/ssh/sshd_config
file and restartsshd
.As for not being prompted for
root
password when logging in asroot
, by default, SSH server is configured to prefer SSH key authentication over passwords, so if that succeeds, you aren't asked for the password.ArchLinux wiki has more info on using SSH keys that might be of use too.