Ok, so that explains what the error is. But, hey. If I see a slider button that says "Disable SSH Password" that means to me "Disable password on SSH" meaning I can SSH into the box without a password.
Nowhere does it say I have to provide a public key, nor how to do it.
Maybe it should be renamed to "Disable SSH" to eliminate confusion.
The on-screen context help clearly states "Set to ON if you have copied private SSH keys to your HTPC and would like to improve security by disabling SSH username and password authentication" so I think we have the bases covered. It would be inappropriate to change the label text as you suggest because disabling password-auth does not disable the SSH service (that's the line immediately above).
So how does one access this "on-screen context"?
It seems to be a hidden feature. F1 does nothing, "H" brings up information about a PVR, Right click on mouse does nothing. "?" does nothing
So how does one access this "on-screen context"?
It seems to be a hidden feature. F1 does nothing, "H" brings up information about a PVR, Right click on mouse does nothing. "?" does nothing
It's at the bottom of the screen.
Ok thanks. My VERY Bad.
I have similar issue, if OP thinks I need to create a new thread, I will 
I'm using OE version 8.0.1.
The following have been done:
1) Followed this instruction to create public key: Config connect ssh wo password - OpenELEC
The following is the permission of the files:
-rw------- 1 root root 1675 May 21 03:21 id_rsa
-rw-r--r-- 1 root root 391 May 21 03:21 id_rsa.pub
-rw-r--r-- 1 root root 166 Mar 31 23:12 known_hosts2) Transferred the public key and add the public key to the remote device "~/.ssh/authorized_keys" file
The following is the permission of the file:
-rw-r--r-- 1 televisi staff 392 21 May 03:22 authorized_key3) Went to OE GUI and TICK the "Disable SSH password" option
4) Run the following command:
echo 'SSHD_DISABLE_PW_AUTH="true"' > /storage/.cache/services/sshd.conf
systemctl restart sshdThe following is the content of my /storage/.cache/services/sshd.conf:
SSHD_DISABLE_PW_AUTH="true"
SSH_ARGS="-o 'PasswordAuthentication no'"Error received: Permission denied (publickey,keyboard-interactive).
Does it mean my remote machine (OSX) does not recognise the public key?
PS: If I UNTICK the "Disable SSH password" option; I can relogin SSH, but requires password .
Error received: Permission denied (publickey,keyboard-interactive).Does it mean my remote machine (OSX) does not recognise the public key?
It means you are attempting to authenticate with a password, which is not a valid authentication method. If you allowed passwords the methods available would be "publickey,password,keyboard-interactive".
It means you are attempting to authenticate with a password, which is not a valid authentication method. If you allowed passwords the methods available would be "publickey,password,keyboard-interactive".
Err... does it mean the suggestion to add the following lines are incorrect, then?
SSHD_DISABLE_PW_AUTH="true"
SSH_ARGS="-o 'PasswordAuthentication no'"The only thing you need to do is enable "disable password auth" in LE settings. You need to deploy keys and create authorized_keys but there's no need to edit other files.
Okay, I found the resolution and managed to find the problem.
The instruction on Config connect ssh wo password - OpenELEC is to copy the public key of OE to the authorized_keys file on remote machine (in my case Mac); it should be the other way around, the public key of the one who connecting from is the one to be stored on OE authorized_keys file.
The following works for me:
On MAC (not on OE server):
1) Generate RSA key
Mac:televisi$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/televisi/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/televisi/.ssh/id_rsa.
Your public key has been saved in /Users/televisi/.ssh/id_rsa.pub.
The key fingerprint is:
ssh-256:xxxxx [email protected]
The key's randomart image is
xxxx2) Get the contents of the public key (~/.ssh/id_rsa.pub)
Mac:televisi$ vi ~/.ssh/id_rsa.pub
ssh-rsa:blablablapublic_keyForMac [email protected]On OE:
3) SSH to OE
4) Copy the contents of public key retrieved before (from OSX, step 2) to OE ~/.ssh/authorized_keys file
echo 'ssh-rsa:blablablapublic_keyForMac [email protected]' >> ~/.ssh/authorized_keys5) Make sure the ~/.ssh/authorized_keys has the following permission
-rw------- 1 root root 395 May 22 04:24 authorized_keys
if not, just run "chmod 600 authorized_keys"
On OE GUI:
6) Go to OE GUI > Settings > OpenElec > Services > SSH
7) Disable SSH Password = TICK
On OSX:
use ssh root@OE without password now