[SSH] SSH connection with users who don't have password set fails even with public key authentication only
Tadashi Shigeoka · Sun, June 28, 2015
I’ll introduce the issue where SSH connection fails even with public key authentication only when trying to connect with a user who doesn’t have a password set.
When trying SSH connection with the -v option, you get Permission denied (publickey).
ssh your_usernama@123.456.789.123 -v
...
debug1: No more authentication methods to try.
Permission denied (publickey).
When “Permission denied (publickey).” is displayed, logs are written to /var/log/secure on the server, so let’s check it.
# tail -F /var/log/secure
Jun 28 18:44:57 host sshd[1370]: User your_username not allowed because account is locked
Jun 28 18:44:57 host sshd[1372]: input_userauth_request: invalid user your_username
Jun 28 18:44:57 host sshd[1372]: Connection closed by 123.123.123.123
It seems that the sshd_config setting prevents users without passwords from logging in via SSH, so let’s obediently set a password for the user.
passwd your_username
To improve security, it’s better to set passwords for users from the beginning. That’s all from the Gemba.