SSH access denied when 'authorized_keys' file is created with Vim

Question

I created an ec2 instance with an Ubuntu 16.04 AMI. I created a sudo user for this AMI with:

sudo adduser myuser
sudo usermod -aG sudo myuser

Then I attempted to give the user ssh access with an rsa keypair that I already had. I created an .ssh directory for the new user:

mkdir ~/.ssh
chmod 700 ~/.ssh
vim ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys

I copied and pasted my public key into 'authorized_keys'. Then I exited ec2 and tested my connection with:

cd ~/.ssh
ssh -i "mypem.pem" myuser@ec2-xx-xx-xxx-xxx.us-west-1.compute.amazonaws.com

I got an error that read 'Access denied (public key)'

So I scrapped the user and created another user. This time a created the 'authorized_keys' file with nano instead of Vim and it worked.

Anyone experience this?

It was copied an pasted correctly because I double checked it. — , Jan 15 '17 at 05:45
Maybe a couple of characters got clipped and I overlooked it. Thanks. — , Jan 15 '17 at 06:32
If you have `linebreak` activated in `vim` this can happen as the SSH key has to be one line. `linebreak` would insert a newlines and break the key. — Thomas, Jan 15 '17 at 12:05
Just do this again and store it in another file. Then use a diff tools to compare what's wrong. — mootmoot, Jan 17 '17 at 10:39
Check `/var/log/secure`on the server you are trying to log into. — M. Glatki, Jan 27 '17 at 09:29

chloesoe · Answer 1 · 2017-09-25T18:34:05.190

If something like this happens, I would recommend tho check fileencryption , fileformat and bomb in ViM. Compare both files, the one you edited with nano and the one you edited with vim. Open them with vim and check this:

:set bomb? This is the byte order mark. Usually set when you edit a UTF-8 file with notepad.exe on windows. I often had problems with that.

:set ff? Fileformat dos or unix. dos have different line endings than unix.

:set fenc? The fileencoding: perhaps one editor changes to latin1 instead of UTF-8.

score 1 · Answer 2 · answered Apr 02 '17 at 21:16

Probably you pasted it wrong.

Does it start with ssh-rsa or with ssh-ed25519?
Does it have a space before (it should NOT)
Is upper/lower case preserved?
is there a space before any comment at the end of the line?

before pasting anything in vim, you should use :set paste, as it switches off any possible active autocompletion/autoindent/... macros.

Another thing is, that you wrote mykey.pem, which is the usual extension for openssl files, not ssh-keys. Are you sure, you used the id_rsa.pub / id_ed25519.pub as ssh-pubkey?

score 0 · Answer 3 · answered Jan 15 '17 at 13:51

0

myuser must has access to .ssh and keyfile. Check who owns them.

answered Jan 15 '17 at 13:51

Zeno Moson

3
4

Given the information in the question this answer is most likely incorrect. – kasperd Jan 15 '17 at 19:51

SSH access denied when 'authorized_keys' file is created with Vim

3 Answers3