Don't use a password. Generate a passphrase-less SSH key and push it to your VM.
If you already have an SSH key, you can skip this step…
Just hit Enter for the key and both passphrases:
$ ssh-keygen -t rsa -b 2048
Generating public/private rsa key pair.
Enter file in which to save the key (/home/username/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/username/.ssh/id_rsa.
Your public key has been saved in /home/username/.ssh/id_rsa.pub.
Copy your keys to the target server:
$ ssh-copy-id id@server
id@server's password:
Now try logging into the machine, with ssh 'id@server'
, and check-in:
.ssh/authorized_keys
Note: If you don't have .ssh dir and authorized_keys file, you need to create it first
to make sure we haven’t added extra keys that you weren’t expecting.
Finally, check to log in…
$ ssh id@server
id@server:~$
You may also want to look into using ssh-agent
if you want to try keeping your keys protected with a passphrase.
I needed to have rw for user only permissions on config. This fixed it.
chmod 600 ~/.ssh/config
As others have noted below, it could be the file owner. (upvote them!)
chown $USER ~/.ssh/config
If your whole folder has invalid permissions here's a table of possible permissions:
Path |
Permission |
.ssh directory (code) |
0700 (drwx------) |
private keys (ex: id_rsa ) (code) |
0600 (-rw-------) |
config |
0600 (-rw-------) |
public keys (*.pub ex: id_rsa.pub ) |
0644 (-rw-r--r--) |
authorized_keys (code) |
0644 (-rw-r--r--) |
known_hosts |
0644 (-rw-r--r--) |
Sources:
Best Answer
When you shutdown or reboot your system,
systemd
tries to stop all services as fast as it can. That involves bringing down the network and terminating all processes that are still alive -- usually in that order. So when systemd kills the forked SSH processes that are handling your SSH sessions, the network connection is already disabled and they have no way of closing the client connection gracefully.Your first thought might be to just kill all SSH processes as the first step during shutdown, and there are quite a few systemd service files out there that do just that.
But there is of course a neater solution (how it's "supposed" to be done):
systemd-logind
.systemd-logind
keeps track of active user sessions (local and SSH ones) and assigns all processes spawned within them to so-called "slices". That way, when the system is shut down, systemd can just SIGTERM everything inside the user slices (which includes the forked SSH process that's handing a particular session) and then continue shutting down services and the network.systemd-logind
requires a PAM module to get notified of new user sessions and you'll needdbus
to useloginctl
to check its status, so install both of those:Be sure your
/etc/ssh/sshd_config
is actually going to use the module withUsePAM yes
.