Bobcares
Client Area
Emergency Support
Latest | Server Administration | Vultr

How to fix “server refused our key” error on a Vultr instance?

by | Feb 14, 2019

I have created a key pair using PuTTy, but when I try connecting to my Vultr instance, I get the error ” server refused our key”. What’s wrong here?

That was a recent support received from one of the customers as part of the Managed Cloud Services that we provide.

Server owners often face this error when accessing the server using SSH keys. And, this error can occur due to wrong format of SSH keys, wrong permissions of SSH key, and more.

Today, we’ll discuss the top 3 reasons for this error and how our Dedicated Engineers fix them.

‘Server refused our key’ on Vultr instance – What this means?

Key based authentication is a secure way to access the server. Here, the public key is placed on the Vultr instance while the private key is placed on the user’s computer.

The error “Server refused our key” on Vultr instance clearly shows that the server rejected the SSH key submitted for login.

Here, our Support Engineers recreate the problem by connecting to the server via SSH in debug mode.

ssh -v xx.xx.xx.xx

 

It will give a detailed trace that will help us to analyze the problem. Further, we change the log level to debug mode in the SSH configuration file /etc/sshd/ssh_config.

LogLevel DEBUG3

 

Then, we check the SSH logs(/var/log/secure and /var/log/auth.log) to find the origin of the issue.

 

Server refused our key on Vultr instance – Causes & Fixes

Now, let’s see the main reasons for this error and how our Dedicated Engineers fix them.

1) Wrong permissions of SSH key

SSH server login requires strict permissions for the key files used.

In other words, if the user has no proper privileges to read the SSH keys, then SSH refuses to authenticate. Similarly, if any of the files in .ssh folder can be written by other users, the error ‘server refused our key ‘may occur.

 

How we fix?

Firstly, our Support Experts check and confirm that the public key is properly placed in the .ssh folder of the user’s home directory, and proper ownership are assigned to these files

Further, we confirm that the permissions and ownership of the SSH key files are correct. In other words, we ensure that the permissions of the .ssh folder and its parent folder is 700. This ensures that the user only has the write privileges to this folder.

Similarly, we ensure that the permissions of the private key on the client side is set to 600 or more restrictive rights. We also ensure that the public key file in .ssh/authorized_keys should have permission 600, so that other users can’t write the key.

2) Wrong SSH key format

Another common reason for this error is customer uses wrong public key format. This usually happens when users create the SSH key using puttygen in Windows and copy it to Linux. This is because, Windows splits the public key in multiple lines. But, Linux or OpenSSH systems can’t understand this public key format and throws the error server refused our key on Vultr instances.

And, users see an error like this in the SSH logs(/var/log/secure or /var/log/auth.log).

sshd: error: key_read: uudecode AAAAB3N [etc etc etc until about 3/4 of my public key]
How we fix?

Here, our Support Engineers confirm the way customers generate the SSH keys for the user. Further, we analyze the public key format and correct if any problems noted. For example, we use the below command to convert the public key to a format understood by the OpenSSH server.

ssh-keygen -i -f windowspub.key

 

Moreover, we confirm that the SSH keys are all in a single line and there are no leading or trailing spaces in the SSH keys.

 

3) SSH configuration issues

Similarly, problems in the SSH configuration file can also lead to this error. We’ve seen instances where users add SSH keys on their Vultr instance. But, failed to enable Public key authentication in the SSH configuration file. As a result, users see the error ‘server refused our key’ on their Vultr instance.

How we fix?

In such cases, our Support Engineers enable public key authentication in the SSH configuration file /etc/sshd/ssh_config. For instance, we add the following line to enable key based authentication.

PubkeyAuthentication yes

 

In addition to that, we also ensure that the location of the key file is enabled.

AuthorizedKeysFile .ssh / authorized_keys

 

Most importantly, we restart the SSH service on the Vultr instance to bring these changes into effect.

[And, do you need a Server Expert to fix your SSH connection issues on your Vultr VPS. We can help you here.]

 

Conclusion

In short, server refused our key error on a Vultr instance can occur due to wrong format of the SSH key, incorrect permissions of the SSH key, and so on. Today, we’ve discussed the top 3 reasons for this error and how our Support Engineers fix them.

Related posts:

  1. How can you safely change the Vultr instance location?
  2. How to enable IPv6 on a Vultr instance without losing network connectivity?
  3. Disable root login on Vultr – An easy method to secure your instance
  4. Install Windows on Vultr VPS – Here are the steps to build your server

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

var google_conversion_label = "owonCMyG5nEQ0aD71QM";

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

server management

Spend time on your business, not on your servers.

TALK TO US

Or click here to learn more.

Related Articles

  1. How can you safely change the Vultr instance location?
  2. How to enable IPv6 on a Vultr instance without losing network connectivity?
  3. Disable root login on Vultr – An easy method to secure your instance
  4. Install Windows on Vultr VPS – Here are the steps to build your server

Never again lose customers to poor
server speed! Let us help you.

GET STARTED