Best Ways to Fix SSH Too Many Authentication Failures

The SSH server is a secure transfer protocol between two servers that can be used to transfer data and manage local or remote servers. We must use the SSH service to access the other user’s system. The correct SSH key, IP address, and user name must be authenticated to log in. Suppose the login credentials are incorrect or SSH maximum tries are exceeded; in that case, the SSH authentication failure error occurs.

This guide will explain this error’s reasons and causes using this timeline:

Let’s start with the first reason.

Reason 1: Incorrect Key for SSH Server

The main reason for the SSH authentication failure error is using the remote server’s incorrect user name, SSH key, or IP address. We must use the correct SSH key and IP address to remove this error.

Solution: Using the Correct SSH Key

This SSH has too many authentication failures that can be removed using the correct SSH key and IP address. The general syntax used to remove this error is given below:

$ ssh -i /path/to/id_rsa <user-name>@<ip-address>
  • /path/to/id_rsa: Replace it with the full path of the SSH key. The id_rsa key can be changed for your system, which can be checked using the “ls -A1 id_*” command.
  • <user-name>: The remote server name will be placed.
  • <ip-address>: Add the remote host IP address.

The following command is utilized to remove this SSH authentication failure error with the “itslinuxfoss” remote user name and “192.168.100.46” IP-address:

$ ssh -i ~/.ssh/id_rsa [email protected]

The SSH authentication error is removed.

Reason 2: Maximum Authentication Limit is Reached

The maximum number of authentication tries for a system is 6 by default; when a user tries more than this MaxAuth limit, the SSH authentication failure error occurs. The error can be removed by increasing the maximum authentication tries in the “/etc/ssh/sshd_config” system file.

Solution 1: Increase MaxAuth Tries Limit for SSH

 To increase the maximum number of authentication tries, you can follow the below steps:

Open the “/etc/ssh/sshd_config” file in the nano editor by utilizing the below-mentioned command:

$ sudo nano /etc/ssh/sshd_config

Navigate to the “MaxAuthTries 6” line and remove the pound (#) symbol. Now change the MaxAuth number to “10”, as shown below:

The maximum authentication limit is increased to 10.

Now, restart the sshd service by running the below command:

$ sudo systemctl restart sshd

The SSH too many authentication failures error is removed now.

Solution 2: Use Authentication Identity Keys Only

Another way to remove the SSH authentication error is by using the authentication identity keys for the remote server whose command is as follows:

$ ssh -o IdentitiesOnly=yes <remote-server-name>

To use the identity key for user “itslinuxfoss”, the following command will be used:

$ ssh -o IdentitiesOnly=yes itslinuxfoss

The SSH authentication error will be removed.

Alternatively, we can manually add the SSH “identity key” in the SSH configuration file using the below steps:

To work for all the SSH connections, the ~/.ssh/config file can be configured by opening it in the nano editor, using:

$ sudo nano ~/.ssh/config

Add the below “IdentitiesOnly=yes” code with the Host * line, as shown below:

Hosts *
       IdentitiesOnly=yes

The SSH configuration error is removed.

Let’s configure the SSH service for the “itslinuxfoss” user by using the below SSH command:

$ ssh itslinuxfoss

The SSH connection is configured successfully.

These are all the possible reasons and solutions to fix the “ssh too many authentication failures”.

Conclusion

The “SSH too many authentication failures error” occurs when the SSH authentication key, user name, or IP address is incorrect. This guide discusses the possible reasons and solutions (using the correct SSH key, increasing the MaxAuth limit, and using authentication identity keys only).