How to Fix Permission Denied (Publickey,GSSAPI-Keyex,GSSAPI-With-Mic)?

When connecting to a remote server using SSH, you might encounter the error:

Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

This error indicates that the SSH client attempted authentication but the server rejected it. It usually occurs when the server expects public key authentication, but the client either does not provide a valid key or the key is not configured correctly.

Understanding why the permission denied (publickey,gssapi-keyex,gssapi-with-mic) error occurs can help you quickly restore secure server access.

What Does This Error Mean?

The message:

Permission denied (publickey,gssapi-keyex,gssapi-with-mic)

means the SSH server tried several authentication methods but none succeeded.

The authentication methods shown include:

• publickey → SSH key-based authentication
• gssapi-keyex → Kerberos-based authentication
• gssapi-with-mic → Secure Kerberos authentication

Most commonly, the failure occurs with public key authentication.

Common Causes of the Error

ssh user@server-ip

chmod 600 ~/.ssh/id_rsa
chmod 700 ~/.ssh

~/.ssh/authorized_keys

cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys

ssh ubuntu@server-ip

eval "$(ssh-agent -s)"

ssh-add ~/.ssh/id_rsa

Step-by-Step Fix of Permission Denied (Publickey,GSSAPI-Keyex,GSSAPI-With-Mic)

ssh-keygen -t rsa -b 4096

ssh-copy-id user@server-ip

chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

ssh -i ~/.ssh/id_rsa user@server-ip

Debugging SSH Authentication

Use verbose SSH output to identify the problem.

ssh -v user@server-ip

For more detailed logs:

ssh -vvv user@server-ip

This command shows which authentication method fails.

Python Example: Testing SSH Connectivity

Developers sometimes test SSH connections programmatically using Python.

Example using paramiko:

import paramiko

host = "server-ip"
username = "user"
key_file = "/home/user/.ssh/id_rsa"

client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())

try:
   client.connect(hostname=host, username=username, key_filename=key_file)
   print("SSH connection successful")
except Exception as e:
   print("Connection failed:", e)

client.close()

This script helps validate SSH authentication automatically.

Best Practices for SSH Authentication

To avoid the permission denied (publickey,gssapi-keyex,gssapi-with-mic) error:

1. Always use SSH keys instead of passwords
2. Secure private keys with correct permissions
3. Disable root SSH login where possible
4. Use SSH agents for key management
5. Rotate keys regularly for security

Proper SSH configuration improves both security and reliability.

When Does This Error Usually Occur?

The permission denied (publickey,gssapi-keyex,gssapi-with-mic) error often appears in these situations:

• First-time server setup
• Cloud VM access (AWS, Azure, GCP)
• Git repository authentication failures
• CI/CD pipeline deployments
• Incorrect SSH key configuration

Understanding these scenarios helps troubleshoot quickly.

Conclusion

The error permission denied (publickey,gssapi-keyex,gssapi-with-mic) occurs when the SSH server cannot authenticate the client using the available methods.

The most common causes include:

1. Missing SSH keys
2. Incorrect key permissions
3. Public key not added to the server
4. Wrong username
5. SSH agent not running

By generating keys, adding them to the server, fixing permissions, and verifying SSH configuration, you can quickly resolve the issue and restore secure remote access.