[SSH] SSH connection with users who don't have password set fails even with public key authentication only

Tadashi Shigeoka ·  Sun, June 28, 2015

I’ll introduce the issue where SSH connection fails even with public key authentication only when trying to connect with a user who doesn’t have a password set.

When trying SSH connection with the -v option, you get Permission denied (publickey).

ssh [email protected] -v
...

debug1: No more authentication methods to try.
Permission denied (publickey).

When “Permission denied (publickey).” is displayed, logs are written to /var/log/secure on the server, so let’s check it.

# tail -F /var/log/secure
Jun 28 18:44:57 host sshd[1370]: User your_username not allowed because account is locked
Jun 28 18:44:57 host sshd[1372]: input_userauth_request: invalid user your_username
Jun 28 18:44:57 host sshd[1372]: Connection closed by 123.123.123.123

It seems that the sshd_config setting prevents users without passwords from logging in via SSH, so let’s obediently set a password for the user.

passwd your_username

To improve security, it’s better to set passwords for users from the beginning. That’s all from the Gemba.

Reference Information