SSH error “Server refused our key” and how to fix it
I was getting this error for awhile when trying to use an authentication key in Putty to connect to an Ubuntu Server machine:
Server refused our key.
Long story short, the problem lies within my home directory being encrypted when I’m not logged in. Read below for further explanation.
The solution is to move the authorized_keys file location outside the home folder so the SSH daemon can access it even when you’re not logged in:
- sudo mkdir /etc/ssh/publicSSHkeys # Create a folder for public SSH keys
- sudo mv ~/.ssh/authorized_keys /etc/ssh/publicSSHkeys/ # Move the authorized_keys file there
- sudo nano /etc/ssh/sshd_config # Modify sshd_config to the new location
change this… “AuthorizedKeysFile %h/.ssh/authorized_keys”
to this… “AuthorizedKeysFile /etc/ssh/publicSSHkeys/authorized_keys”
NOTE: Sometimes the “AuthorizedKeysFile” variable is commented out, so remove the number sign if it is (Thanks to Frank for the tip!).
- sudo service sshd reload # Then you just need to reload the server
- You’ll still need to make sure your public key is in /etc/ssh/publicSSHkeys/authorized_keys, and your SSH client (in my case Putty) is loading your private key. There are numerous SSH key tutorials on the webernets.
Automatic home directory encryption is an option when installing Ubuntu systems (both desktop and server), and I recommend using it. I like knowing that, if I’m not logged in, my home directory is encrypted. However, this means that any server or daemon that requires access to a file or folders in your home directory will fail if you’re not logged in. Keep that in mind.