On 27 Jan 2024 08:12 +0000, from a...@strugglers.net (Andy Smith): > 2024-01-27T07:59:42.003881+00:00 t.example.com sshd[12319]: Postponed > publickey for root from 2001:db8:1f1:f0c2::2 port 37032 ssh2 [preauth] > 2024-01-27T07:59:42.017777+00:00 t.example.com sshd[12319]: Accepted > publickey for root from 2001:db8:1f1:f0c2::2 port 37032 ssh2: RSA > SHA256:iC8C78UYVJdr+bsqV1hbtBFuft6KHi0b8i308Zn0C9o > 2024-01-27T07:59:42.020718+00:00 t.example.com sshd[12319]: > pam_unix(sshd:session): session opened for user root by (uid=0) > 2024-01-27T07:59:42.033599+00:00 t.example.com systemd-logind[1729]: New > session 18604 of user root.
Thank you for using 2001:db8::/32 and example.com instead of some random made-up prefix and domain name. :-) > This only happens when I log in as root using a public key, i.e. > > ssh -i /path/to/pubkey r...@t.example.com According to https://access.redhat.com/solutions/20057 this can happen in cases where multiple authentication methods are tried. You should be able to confirm this by adding -v to your ssh command line and looking for authentication methods that are not your presumably intended publickey. According to https://forums.centos.org/viewtopic.php?t=52896 and https://stackoverflow.com/questions/46525629/ssh-failing-after-postponed-publickey-and-single-attempt it can also happen if there is a problem with accessing the secret key, but it looks like in those cases authentication ultimately fails, which is not the case for you, so that cause seems less likely. So I would first try adding to your ssh command: -o PreferredAuthentications=publickey If that causes the message to go away on the server side, then update your SSH client configuration accordingly. You can also try disabling all unwanted authentication methods as suggested on the Red Hat page, and maybe enabling them on a host-by-host and as-needed basis. -- Michael Kjörling 🔗 https://michael.kjorling.se “Remember when, on the Internet, nobody cared that you were a dog?”
