Security documentation issue

My YunoHost server

Hardware: VPS bought online running Debian 10
YunoHost version: 4.3.3
I have access to my server : Normally through SSH.
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : No.

Description of my issue

Hi! I was trying to go through and follow the documentation on Security | Yunohost Documentation and ran into a bit of an issue. I followed all the steps on that page, but by the end was unable to log in. I used the “id_rda.pub” key to attempt to log in with “username@my_yunohost_server”, but after it asked me for a password and when I entered the password for my normal ssh user account - it said it was invalid. I’m not really sure if I’m posting this in the correct category, so I apologize in advance if I’m not.

What is your normal SSH user account? You should be doing everything with admin.

I’ve followed these instructions in the past and it worked.

Try this to see more error codes. Nobody can help you without further information.

ssh -v admin@server.com

I just use sudo before typing any command that needs admin perms. It also seems admin@my_server.com is still asking for a password regardless of the key I attached.

This might be an obvious question, but when you made the SSH key did you type in password, or just leave it blank?

If you typed in password, you are still locking the SSH key with a password. You need to leave that password field blank when making the SSH key.

Can you try running ssh -v admin@server.com ?

It will tell us if it is key has a password, or something else is wrong.

I’m not sure if this is relevant, but I’m using mobaxterm to ssh into my server rather than a command line. Regardless I do remember adding a passphrase when it asked me, although the issue now is that I’m locked out of my server :sweat_smile: - Is there any way to get back in and fix the issue without resetting it?

Methodically try all your passwords.

OR

What VPS are you using? Sometimes there is a console/terminal you can login as root from inside your VPS company website.

I just tried all my passwords, it’s very strange because I can access SSH - but it’s like none of my passwords work. I did install webmin, I was wondering if you knew any way to recover access that way?

What VPS are you using?

Login to their website, and look for a console you can access from there.

If you can’t do it that way, then it is probably reinstall time.

Yeah, I’ll go find a way to fix that - then get back to the issue at hand here. I also just broke a corporate domain’s dns server today - so I’ll just uh let another person handle that then get back to you here.