That is my understanding, yes. Regardless of the flavor of public-key cryptography being used, one side of the communication needs a private key and the other side needs a public key. So, for any peer you want to send a message to, you need possession of their public key in advance. (Keep in mind that the VPN "server" is really just another peer and it can initiate connections to its peers.)
Hard to say without more info! A few ideas and things to check:
You might try SSHing with extra verbosity (e.g. ssh -vvv me@10.0.0.1) to see what SSH keys your computer is offering.
Make sure the corresponding public key exists in ~/.ssh/authorized_keys on the server, for the user account you're SSHing into.
Look in /var/log/auth.log on the server and see what messages sshd is emitting when you try to log in.
Make sure permissions on that ~/.ssh folder on the server are correct (sudo chmod 0700 ~/.ssh && sudo chmod 0600 ~/.ssh/*). Same for the ~/.ssh folder on your local machine.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Thanks! Clearly written, I just gave it a go and it works!
Question:
[Peer]entry in the server's/etc/wireguard/wg0.conffile?me@10.0.0.1: Permission denied (publickey)., what's the problem here?I mostly want the VPN to allow me to access devices with ssh.
ssh -vvv me@10.0.0.1) to see what SSH keys your computer is offering.~/.ssh/authorized_keyson the server, for the user account you're SSHing into./var/log/auth.logon the server and see what messagessshdis emitting when you try to log in.~/.sshfolder on the server are correct (sudo chmod 0700 ~/.ssh && sudo chmod 0600 ~/.ssh/*). Same for the~/.sshfolder on your local machine.