Follow

Can anyone help me with self-hosting (beginner problems, ssh) 

So, I'm a beginner trying to learn to self-host.

I got a domain and a hetzner cloud. I pointed the domain to the server with A-Type entries.

domain.censored TTL 86400 Type A Priority 0 Data censored

Same with
*domain.censored
and
www.domain.censored

Then I created an ssh key with a password on my computer and and added the public key to the hetzner cloud.

Now when I try
ssh ssh-username@domain
I always get
Permission denied, please try again.

What did I do wrong?

· · Web · 4 · 3 · 1

Can anyone help me with self-hosting (beginner problems, ssh, solved) 

@metaphil @Ingo_FP_Angel @m4lvin @technicallypossible

Thanks everybody for your help. I was now able to log in with root instead of my ssh username. And I've now installed Yunohost.

So first issue solved. 🙂

Can anyone help me with self-hosting (beginner problems, ssh) 

@PaulaToThePeople some „Schüsse ins Blaue“:
Does the server know about its domain name?
Does it have to go somewhere in the sshd-config?
Does ‘ssh username@ip‘ work?

Can anyone help me with self-hosting (beginner problems, ssh) 

@metaphil @PaulaToThePeople You could try to "ssh -v" (or even -vvv) to get more verbose output.

If you get "Permission denied" immediately it sounds a bit like you're not sending the right key (or none at all).
You could try setting the key file explicitly, like 'ssh -i ~/.ssh/<your private ssh key> ...'

Can anyone help me with self-hosting (beginner problems, ssh) 

@Ingo_FP_Angel @metaphil

I now explicitly set the key, but same result.

Can anyone help me with self-hosting (beginner problems, ssh) 

@PaulaToThePeople @metaphil My hope would be that the "-vvv" verbose output gives a hint at the root cause.

Can anyone help me with self-hosting (beginner problems, ssh) 

@Ingo_FP_Angel @metaphil -vvv just outputs:

usage: ssh [-46AaCfGgKkMNnqsTtVvXxYy] [-B bind_interface]
[-b bind_address] [-c cipher_spec] [-D [bind_address:]port]
[-E log_file] [-e escape_char] [-F configfile] [-I pkcs11]
[-i identity_file] [-J [user@]host[:port]] [-L address]
[-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
[-Q query_option] [-R address] [-S ctl_path] [-W host:port]
[-w local_tun[:remote_tun]] destination [command]

Can anyone help me with self-hosting (beginner problems, ssh) 

@Ingo_FP_Angel @metaphil oh you mean add -vvv to the command.

Then it tells me:

debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.

Can anyone help me with self-hosting (beginner problems, ssh) 

@PaulaToThePeople @metaphil

Near the top of the output there should be a like like

debug1: Connecting to domain.censored [111.111.111.111] port 22.

Is it showing the correct IP address?

And later it should show the key file it tries

debug1: Offering public key: /home/ingo/.ssh/id_blablabla

Are you asked for the password if the private key?

Can anyone help me with self-hosting (beginner problems, ssh) 

@PaulaToThePeople Typos: "like like" -> "line like" and "if the private key" -> "of the private key".

Can anyone help me with self-hosting (beginner problems, ssh) 

@Ingo_FP_Angel It shows the correct IP address.

after offering public key it says:
debug1: Authentications that can continue: publickey,password

Can anyone help me with self-hosting (beginner problems, ssh) 

@m4lvin see above

Can anyone help me with self-hosting (beginner problems, ssh) 

@PaulaToThePeople Oh, sorry, all the other replies were not federated to my instance 😔

Can anyone help me with self-hosting (beginner problems, ssh) 

@PaulaToThePeople It's wild guessing but if the correct key was sent then maybe the one set in the Hetzner config is either not correct or the change hasn't propagated through to the actual server?

But I don't know about Hetzner Cloud, my experience is with dedicated servers, there might be subtle differences.

Can anyone help me with self-hosting (beginner problems, ssh) 

@metaphil How do I find out about your first two questions?
username@ip doesn't work either.

Can anyone help me with self-hosting (beginner problems, ssh) 

@PaulaToThePeople sorry, don't use Hetzner myself, that's why I said „Schuß ins Blaue” 😉 🤷‍♂️
But did you just set the DNS records to that IP or did you also tell the Server about its name, e.g. through Hetzner's admin console thingy or something? Their SSH help page reads something about installation/set-up script for SSHd...

Can anyone help me with self-hosting (beginner problems, ssh) 

@PaulaToThePeople @metaphil did you create your server first and then added your ssh public key afterwards to the hetzner web interface? If so, then your server doesn't know about your key yet. Is your key on the server in the file $HOME/.ssh/authorized_keys or is it kissing there? Because that's the place your server is looking for your key in order to figure out if your key is allowed to log in at all.

Can anyone help me with self-hosting (beginner problems, ssh) 

@technicallypossible @metaphil Yes, I set the ssh key after creating the server. how do I find out if the key is on the server? talk to me as though I was a child.

Can anyone help me with self-hosting (beginner problems, ssh) 

@PaulaToThePeople @metaphil alright. In the Hetzner web interface you can access a virtual console of your server. It looks and works like you were sitting in front of the server's screen, but in your web browser. You can login to your server there and then type "cat $HOME/.ssh/authorized_keys" (without the quotes). If your public ssh key does not appear on your screen, that's the issue.

Can anyone help me with self-hosting (beginner problems, ssh) 

@technicallypossible I found the console, but it asks me for a login and neither the hetzner account login nor the ssh user & password let me in.

Can anyone help me with self-hosting (beginner problems, ssh) 

@PaulaToThePeople so you haven't done anything with your server yet? Then you can just delete and recreate the server, that should then also put your ssh public key in the right place. Once the Hetzner website knows your ssh key, it then will put it into every new server you create. You created your server when Hetzner didn't know your ssh key yet so it didn't put the key into the server when it was created.

Can anyone help me with self-hosting (beginner problems, ssh) 

@PaulaToThePeople recreating your server may or may not give it a new IP address so just be aware of that. You might need to adjust your DNS records.

Can anyone help me with self-hosting (beginner problems, ssh) 

@technicallypossible The IP address stayed the same.

Now when I try to ssh login, there is a new error message with:

Add correct host key in /home/paula/.ssh/known_hosts to get rid of this message.

But it doesn't tell me what the correct host key is or where to find it

Can anyone help me with self-hosting (beginner problems, ssh) 

@PaulaToThePeople with ssh, there are two keys. Your key, that you use to tell the server who you are. And the host key, that is the server's key to tell you that the server is actually the server you are trying to connect to and not some attacker's server that managed to squeeze into your connection. When you tried to connect to the (now deleted) server, you probably typed in "yes" to confirm the server's host key.

(to be continued)

Can anyone help me with self-hosting (beginner problems, ssh) 

@PaulaToThePeople now that you reset your server, it has a new host key that your PC doesn't recognize. Your PC already knows the old host key and so it doesn't trust the new one.
On your PC you need to delete the old host key of the server. Type into your terminal:

ssh-keygen -R "hostname"

Replace the hostname with the DNS name of your server. Or, if you used the IP directly, replace the hostname with the IP address of the server.

Can anyone help me with self-hosting (beginner problems, ssh) 

@technicallypossible okay, I did that. But I still get Permission denied.

Can anyone help me with self-hosting (beginner problems, ssh) 

@PaulaToThePeople I'm out of ideas for now. I'd need to go into the Hetzner website myself – maybe I can do that later if my partner lets me 😅

Can anyone help me with self-hosting (beginner problems, ssh) 

@technicallypossible Well thanks for getting me this far. At least I learned some stuff. :)

Can anyone help me with self-hosting (beginner problems, ssh) 

@PaulaToThePeople I'd be happy to help. Can you run ssh with "-v" to get more information? Is it actually using the ssh key you generated? Does it ask for the key passphrase?

I do not use hetzner, so this is just guessing.

Can anyone help me with self-hosting (beginner problems, ssh, solved) 

@PaulaToThePeople I would be happy to help next time you have any issues, but I don't check mastodon often enough 😅
Feel free to ping me or if you want we can exchange contact info through DMs
(Same goes for anybody else reading this, I don't mind helping out if you wanna reach out)

Sign in to participate in the conversation
Climate Justice Social

This is an official mastodon instance for activists of the global climate justice and social justice movement.