I have a SSH key which is passphrase-protected. Authentication to the server is by SSH key only, password authentication is disabled. Both the server and my desktop run Ubuntu 14.04 and authentication with that key and server is tested and working.
My goal is to have
cron copy files from my desktop machine to the server via
rsync. I plan to create a new 'backups-user' (with limited rights) on the server, and have cron running on my desktop to copy the files to the server as this second user. That should avoid the issue of having to enter the passphrase for my primary SSH key.
My problem is that I keep getting "Permission denied (publickey)" errors when I try to
ssh-copy-id the second SSH key to the server.
Both SSH keys (public and private) were created and are in
~/.ssh/ on my desktop. The user 'backups-user' was created on the server, but I cannot log in as that user yet.
Am I going about this the wrong way, or is there a better method of automating what I want to do?
Here is the output of
tom@desktop:~$ ssh -v backups-user@XX.XX.XX.XX OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: Connecting to XX.XX.XX.XX [XX.XX.XX.XX] port 22. debug1: Connection established. debug1: identity file /home/tom/.ssh/id_rsa type -1 debug1: identity file /home/tom/.ssh/id_rsa-cert type -1 debug1: identity file /home/tom/.ssh/id_dsa type -1 debug1: identity file /home/tom/.ssh/id_dsa-cert type -1 debug1: identity file /home/tom/.ssh/id_ecdsa type -1 debug1: identity file /home/tom/.ssh/id_ecdsa-cert type -1 debug1: identity file /home/tom/.ssh/id_ed25519 type -1 debug1: identity file /home/tom/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 pat OpenSSH_6.6.1* compat 0x04000000 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr firstname.lastname@example.org none debug1: kex: client->server aes128-ctr email@example.com none debug1: sending SSH2_MSG_KEX_ECDH_INIT debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ECDSA (redacted) debug1: Host 'XX.XX.XX.XX' is known and matches the ECDSA host key. debug1: Found key in /home/tom/.ssh/known_hosts:2 debug1: ssh_ecdsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Offering RSA public key: tom@Desktop debug1: Authentications that can continue: publickey debug1: Offering RSA public key: tom@Desktop debug1: Authentications that can continue: publickey debug1: Trying private key: /home/tom/.ssh/id_rsa debug1: Trying private key: /home/tom/.ssh/id_dsa debug1: Trying private key: /home/tom/.ssh/id_ecdsa debug1: Trying private key: /home/tom/.ssh/id_ed25519 debug1: No more authentication methods to try. Permission denied (publickey).