I have just discovered I can log into my server as long as I provide a missing file to the ssh client!
What can I check to find out why and what can I change to stop this from happening?
Logging in with missing file
$ ssh -i ~/.ssh/x user@server.com
Warning: Identity file /c/Users/G/.ssh/x not accessible: No such file or
directory.
Last login: Wed Aug 9 20:20:49 2017 from 192.168.15.250
user@server:~$
Failing to log in with invalid cert
$ ssh -i ~/.ssh/invalid.pem user@server
Permission denied (publickey).
Successfully logging in
$ ssh -i ~/.ssh/valid.pem user@server
Last login: Wed Aug 9 20:21:07 2017 from 192.168.15.250
user@server:~$
These are the only non-commented lines in my /etc/ssh/sshd_config
Host *
SendEnv LANG LC_*
HashKnownHosts yes
GSSAPIAuthentication yes
GSSAPIDelegateCredentials no
Best Answer
In answer to "What can I check to find out why"
ssh -vv
. The -vv parameter gives verbose debugging showing what is happening between pressing return on the local client and seeing the prompt on the remote serverIn answer to "Why can I ssh logon without key or password?"
That wasn't what was happening. In this specific case, the appropriate key,
valid.pem
was duplicated in theid_rsa
file. The duplicate key was being usedThe following occurs on this client:
as shown here:
id_rsa
key. As shown heredebug1: Trying private key: /c/Users/G/.ssh/id_rsa
debug1: Authentication succeeded (publickey).