How to Fix “SSH Too Many Authentication Failures” Error

Sometimes, while trying to connect to remote systems via SSH, you may encounter the error “Received disconnect from x.x.x.x port 22:2: Too many authentication failures”. In this short article, I will explain how to fix this error in a few simple steps.

Read Also: 4 Ways to Speed Up SSH Connections in Linux

Following is a screenshot of the error I encountered, while using the ssh client.

SSH - Too Many Authentication Failures
SSH – Too Many Authentication Failures

I discovered that this resulted from existence of many ssh identity keys on my machine, and each time I run the ssh client, it would try all my ssh keys known by the ssh-agent and all other keys, when attempting to connect to the remote server (vps2 as shown in the above screenshot). This is the default behavior of ssh.

Since ssh server (sshd) on the remote server expects a particular identity key, the server rejects the connection and ssh client aborts with the above error.

To fix this error, you need to add the IdentitiesOnly with a value of yes, which instructs ssh to only use the authentication identity files specified on the command line or the configured in the ssh_config file(s), even if ssh-agent offers additional identities.

For example:

$ ssh -o IdentitiesOnly=yes vps2
SSH Connection Successful
SSH Connection Successful

Alternatively, if you want this to work for all ssh client connections, you can configure it in your ~/.ssh/config file.

$ vim ~/.ssh/config

Add the following configuration in the file, under the Host * section as shown in the screesnhot.

Host * 
       	IdentitiesOnly=yes
Configure Identities in SSH
Configure Identities in SSH

Save the changes in the file and exit it. Now you should be able to run ssh without specifying the option -o IdentitiesOnly=yes on the command line as shown.

$ ssh vps2
SSH Connection Successful
SSH Connection Successful

For more information, see the ssh-config man page.

$ man ssh-config

You might find followng SSH related articles useful.

    1. How to Create SSH Tunneling or Port Forwarding in Linux
    2. How to Change Default SSH Port to Custom Port in Linux
    3. How to Find All Failed SSH Login Attempts in Linux
    4. How to Disable SSH Root Login in Linux
    5. 5 Ways to Keep Remote SSH Sessions Running After Closing SSH

In this short article, I showed how to easily fix the “Received disconnect from x.x.x.x port 22:2: Too many authentication failures” in ssh. If you have any questions, use the comment form below to reach us.

Hey TecMint readers,

Exciting news! Every month, our top blog commenters will have the chance to win fantastic rewards, like free Linux eBooks such as RHCE, RHCSA, LFCS, Learn Linux, and Awk, each worth $20!

Learn more about the contest and stand a chance to win by sharing your thoughts below!

Aaron Kili
Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge.

Each tutorial at TecMint is created by a team of experienced Linux system administrators so that it meets our high-quality standards.

Join the TecMint Weekly Newsletter (More Than 156,129 Linux Enthusiasts Have Subscribed)
Was this article helpful? Please add a comment or buy me a coffee to show your appreciation.

8 Comments

Leave a Reply
  1. Thank you, this helped.

    Give this a try:

    $ ssh-add ~/.ssh/vps2.pem
    

    this “fixed” the problem so that i don’t had to use the option any more

    Reply

Got Something to Say? Join the Discussion...

Thank you for taking the time to share your thoughts with us. We appreciate your decision to leave a comment and value your contribution to the discussion. It's important to note that we moderate all comments in accordance with our comment policy to ensure a respectful and constructive conversation.

Rest assured that your email address will remain private and will not be published or shared with anyone. We prioritize the privacy and security of our users.