Mycroft Community Forum

Cannot ssh into Devkit anymore

Hi there :slight_smile:

(Since the last update?) I cannot ssh into my devkit anymore. Creating a new USB drive did not help. Pairing and everything worked, I also copied the public key, but still cannot ssh into the device.
I even created a new public key following the instructions of the manual (see here: https://mycroft-ai.gitbook.io/docs/using-mycroft-ai/get-mycroft/mark-ii) once more:
ssh-keygen -t rsa

Does anyone have similar issues or is just me?

This is what I do:
ssh -v -p 8222 mycroft@192.168.178.73 -i .ssh/id_rsa.pub
to make sure it uses the created (and copied) public key.

This is what I get:
OpenSSH_8.8p1, OpenSSL 1.1.1m 14 Dec 2021
debug1: Reading configuration data /home/user/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to local ip [local ip] port 8222.
debug1: Connection established.
debug1: identity file /home/user/.ssh/id_rsa type 0
debug1: identity file /home/user/.ssh/id_rsa-cert type -1
[…]
debug1: Local version string SSH-2.0-OpenSSH_8.8
debug1: Remote protocol version 2.0, remote software version dropbear_2019.78
debug1: compat_banner: no match: dropbear_2019.78
debug1: Authenticating to [local ip]:8222 as ‘mycroft’
[…]
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:[…]
[…]
debug1: Host ‘[local ip]:8222’ is known and matches the ECDSA host key.
debug1: Found key in /home/user/.ssh/known_hosts:4
debug1: rekey out after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 4294967296 blocks
debug1: Will attempt key: /home/user/.ssh/id_rsa RSA SHA256:[…]
debug1: Will attempt key: /home/user/.ssh/id_dsa
[…]
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/user/.ssh/id_rsa RSA SHA256:[…]
debug1: send_pubkey_test: no mutual signature algorithm
debug1: Trying private key: /home/user/.ssh/id_dsa
[…]
debug1: Authentications that can continue: publickey
[…]
debug1: No more authentication methods to try.
mycroft@[local ip]: Permission denied (publickey).

I also checked the file permissions (found a hint that that might be problem):
-rw------- 1 user user 2602 31. Dez 18:09 id_rsa
-rw-r–r-- 1 user user 569 31. Dez 18:09 id_rsa.pub

Many thanks and kind regards,
Enver

Did you: chmod go-r id_rsa.pub
?

Thanks for the hint! :slight_smile: I tried that, but unfortunately still can’t ssh into the device. :frowning:

What could be the problem here :thinking: - Plus: It’s a new installation of the system on the USB stick and I followed the instruction as I did before (several times which worked in the past).
I’ve got a back up of the “old” installation / system where e.g. Spotify was set up. For that I had to ssh into the device. - I’m feeling slightly stupid :grimacing: :wink:

if the error hasn;t changed then the chmod didn’t work.

Is that so? This is what ‘ls -la’ shows:
-rw------- 1 user user 2602 31. Dez 18:09 id_rsa
-rw------- 1 user user 569 31. Dez 18:09 id_rsa.pub

Just a thought … rather than increasing verbosity on the ssh client side, can you restart the sshd server in verbose (debug) mode and watch from that side? (or are you locked out of your server?).

-Mike M