Hello, I’ve copy pasted the server example from https://docs.rs/thrussh/0.33.5/thrussh/index.html and tried SSHing. However I always get permission denied when using public key. I’ve added debug print to auth_publickey method and it never gets called. However auth_password works properly. Am I missing something? Public key authorization is enabled because ssh returns error: Permission denied (publickey)..

Log:

DEBUG thrussh::server::encrypted > packet pushed
 DEBUG thrussh::cipher            > writing, seqn = 5
 DEBUG thrussh::cipher            > padding length 8
 DEBUG thrussh::cipher            > packet_length 24
 DEBUG thrussh::cipher            > reading, len = [117, 166, 120, 209]
 DEBUG thrussh::cipher            > reading, seqn = 6
 DEBUG thrussh::cipher            > reading, clear len = 368
 DEBUG thrussh::cipher            > read_exact 372
 DEBUG thrussh::cipher            > read_exact done
 DEBUG thrussh::cipher            > reading, padding_length 11
 DEBUG thrussh::server::encrypted > server_read_encrypted, buf = [50, 0, 0, 0, 9, 109, 97, 114, 101, 107, 107, 111, 110, 53, 0, 0, 0, 14, 115, 115]
 DEBUG thrussh::server::encrypted > rek = None
 DEBUG thrussh::server::encrypted > name: "marekkon5" Ok("ssh-connection") Ok("publickey")
 DEBUG thrussh::server::encrypted > algo: [115, 115, 104, 45, 114, 115, 97], key: [0, 0, 0, 7, 115, 115, 104, 45, 114, 115, 97, 0, 0, 0, 3, 1, 0, 1, 0, 0, 1, 1, 0, 153, 171, 189, 222, 25, 92, 165, 112, 41, 154, 154, 150, 227, 138, 12, 87, 97, 166, 27, 122, 15, 234, 123, 121, 38, 92, 139, 34, 21, 216, 198, 246, 189, 155, 212, 251, 167, 3, 202, 75, 57, 198, 192, 124, 40, 38, 109, 39, 234, 98, 219, 7, 140, 87, 235, 67, 121, 25, 23, 173, 41, 42, 144, 173, 80, 75, 3, 212, 220, 108, 217, 91, 72, 2, 57, 132, 208, 35, 28, 16, 198, 213, 29, 164, 238, 62, 51, 229, 177, 27, 139, 197, 198, 121, 56, 189, 248, 216, 175, 177, 216, 5, 52, 201, 222, 158, 51, 182, 43, 222, 140, 170, 146, 155, 133, 223, 36, 57, 234, 117, 189, 97, 88, 231, 149, 53, 0, 252, 180, 216, 120, 150, 153, 165, 132, 130, 199, 84, 51, 226, 83, 63, 155, 176, 106, 24, 63, 17, 179, 248, 65, 110, 247, 221, 184, 234, 107, 101, 74, 74, 146, 31, 22, 229, 48, 21, 41, 116, 117, 178, 59, 50, 203, 199, 96, 179, 166, 33, 0, 95, 44, 224, 56, 124, 248, 8, 241, 128, 208, 10, 58, 252, 94, 250, 235, 20, 99, 74, 66, 85, 165, 92, 84, 41, 84, 172, 102, 90, 46, 98, 94, 174, 105, 37, 19, 68, 168, 12, 44, 33, 218, 187, 184, 78, 200, 122, 34, 1, 144, 128, 14, 96, 163, 172, 246, 22, 212, 89, 42, 212, 224, 195, 237, 148, 165, 55, 121, 120, 81, 9, 16, 158, 112, 59, 123, 219]
 DEBUG thrussh::server::encrypted > rejecting AuthRequest { methods: PUBLICKEY, partial_success: false, current: None, rejection_count: 2 }
 DEBUG thrussh::server::encrypted > packet pushed
 DEBUG thrussh::cipher            > writing, seqn = 6
 DEBUG thrussh::cipher            > padding length 8
 DEBUG thrussh::cipher            > packet_length 24

Thank you.

If you use the default configuration from the example, your client needs to send a ed25519 key. Might it be that you were trying to use a rsa key? You can generate a ed25519 keypair using the following command:

ssh-keygen -t ed25519 -C "your@mail"

Then call your server with the following:

ssh -i ~/.ssh/id_ed25519   -o "UserKnownHostsFile=/dev/null" -o PreferredAuthentications=publickey -o StrictHostKeyChecking=no localhost -p 2222

(of course you need to adapt the path to your key if you stored it somewhere different.)