Debugging SSH

26 Apr 2015

When I setup a new user on a server, I always have a problem with logging in with the new user using its public key.

Today I've found a way to debug it by stopping the SSH service and starting it with the debug option. The logs tell me why logging in fails.

Here's how you can do it:

  1. Stop the SSH service service sshd stop. This won't kill ongoing SSH connections.
  2. Start the SSH service with the debug option: /usr/sbin/sshd -d

Now you can login with the new user, and I will see why it fails. One cryptic log message is below:

debug1: trying public key file /home/tanin/.ssh/authorized_keys debug1: fd 4 clearing O_NONBLOCK

This means we might use a wrong private key.

After you finish, you can start the SSH service again with: service sshd start.