
Permission denied (publickey). when disabling PasswordAuthentication


I have 2 machines:

  • Windows machine with WSL installed, that serves as a client.
  • Ubuntu machine, with a test-user user, that serves as a server.

Both computers are on the same network.


On the Ubuntu computer, what I did:

  • I used ssh-keygen to generate two keys, I copied the id_rsa file to the WSL.
  • Make sure the ssh service is up, with systemctl status ssh.

On the WSL, what I did:

  • Copied the id_rsa file as key.
  • Changed the permission of the key file with chmod 600 key.
  • Connect to the server machine:

ssh -i key [email protected]

This works well, but it also asks me for the password of the user.

hamuto@DESKTOP-HLSFHPR:~$ ssh -i key [email protected]
[email protected]'s password:

The problem with this is that with GitHub Actions, I can't enter the password.
So I changed the file /etc/ssh/sshd_config in the server:

# To disable tunneled clear text passwords, change to no here!
# I changed the next line to no and uncommented it
PasswordAuthentication no
#PermitEmptyPasswords no  

When I retry to connect with ssh:

hamuto@DESKTOP-HLSFHPR:~$ ssh -i key [email protected]
[email protected]: Permission denied (publickey).

Why is that?


Solution

  • After days of research, I found the solution:

    • First things first, I needed to understand that you only need one pair of keys, generated on the Ubuntu server.
    • On the server, you have to copy id_rsa.pub into ~/.ssh/authorized_keys.
    • Set the permissions correctly:
    chown -R username:username /home/username/.ssh
    chmod 700 /home/username/.ssh
    chmod 600 /home/username/.ssh/authorized_keys
    
    • Change the value of PubkeyAuthentication in the file /etc/ssh/sshd_config to yes and uncomment it.
    • Copy the private id_rsa key to the client. Set its permissions to 600.

    You can connect to the server:

    ssh -i ~/.ssh/id_rsa [email protected]

    Now it works.
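
The server-side conditions from the steps above can be checked with a short script; this is an added example, not part of the original answer. The function name check_pubkey_login is hypothetical, GNU stat (as on Ubuntu) is assumed, and the check also covers the home directory, which sshd inspects along with ~/.ssh and authorized_keys.

```shell
#!/bin/sh
# Added example: verify the server-side preconditions for public-key login.
# Assumes GNU stat; check_pubkey_login is a hypothetical helper name.

# check_pubkey_login HOME_DIR PUBKEY_FILE [UID]
# Prints one line per problem and returns the number of problems (0 = OK).
check_pubkey_login() {
    home_dir=$1
    pubkey_file=$2
    want_uid=${3:-$(id -u)}
    auth="$home_dir/.ssh/authorized_keys"
    problems=0

    # With StrictModes (the default), sshd ignores authorized_keys if the home
    # directory, ~/.ssh or the file is owned by someone other than the user or
    # root, or is writable by group or others. Modes 700 and 600 pass this.
    for path in "$home_dir" "$home_dir/.ssh" "$auth"; do
        if [ ! -e "$path" ]; then
            echo "missing: $path"
            problems=$((problems + 1))
            continue
        fi
        owner=$(stat -c '%u' "$path")
        mode=$(stat -c '%a' "$path")
        if [ "$owner" != "$want_uid" ] && [ "$owner" != 0 ]; then
            echo "wrong owner (uid $owner): $path"
            problems=$((problems + 1))
        fi
        if [ $((0$mode & 022)) -ne 0 ]; then
            echo "group/world-writable (mode $mode): $path"
            problems=$((problems + 1))
        fi
    done

    # The client's private key only works if its public half is listed.
    # Field 2 of a .pub file is the base64 key blob.
    blob=$(awk '{print $2}' "$pubkey_file")
    if [ -z "$blob" ] || ! grep -qF -- "$blob" "$auth" 2>/dev/null; then
        echo "public key from $pubkey_file is not in $auth"
        problems=$((problems + 1))
    fi
    return "$problems"
}
```

Run it on the server as the target user, passing that user's home directory and the id_rsa.pub file; when it reports nothing, any remaining failure is on the client or in sshd_config.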