SSH logging on Windows Server 2016 - “Server refused our key

I have an authentication problem in Windows Server 2016.

I've created a Local User (not Administrator) that needs to connect via SSH authenticating with its private key.

As Windows Server 2016 doesn't come with OpenSSH feature installable, I've followed this guide and succesfully installed the latest build of OpenSSH from PowerShell github repo. In Windows Server Services "OpenSSH SSH Server" is correctly running and set to automatic startup.

I've also created a specific Inbound Rule in Windows Firewall with Advanced Security to allow connections through port 22 only from specific IPs (as a matter of fact, standard authentication with username and password works both in Putty and WinSCP).

I've put the user's public key in an "authorized_keys" file in the ".ssh" folder inside user (later called username1) main directory. I've tried both manually (creating the folder and copying the file) and using WinSCP "Install Public Key into Server" feature. In both cases the result is the same.

The folder has read and write permissions both for the Administrators and the Local User that needs to authenticate. The key has the "ssh-rsa XXXXXXX rsa-key-YYYYMMDD" format.

Lastly, I've inserted the Private Key in the SSH -> Authentication tab inside WinSCP and tried to connect. I got the following "Server refused our key" error.

I got the same error both in WinSCP and Putty. I've created new Private/Public keys just for testing purposes, and created a "administrators_authorized_keys" file in "C:\ProgramData\ssh" with the same public key, but I get the same error. I suppose there is something wrong with file permission.

I can't figure out what I'm missing. I've read lots of questions, but they are all about Linux instances. Can someone please help me?

This is WinSCP log:

2019-12-17 14:16:03.852 -------------------------------------------------------------------------- 2019-12-17 14:16:03.889 Looking up host "XXX.XXX.XXX.X" for SSH connection 2019-12-17 14:16:03.889 Connecting to XXX.XXX.XXX.X port 22 2019-12-17 14:16:03.936 Selecting events 63 for socket 1788 2019-12-17 14:16:03.936 We claim version: SSH-2.0-WinSCP_release_5.15.9 2019-12-17 14:16:03.960 Waiting for the server to continue with the initialization 2019-12-17 14:16:03.961 Looking for incoming data 2019-12-17 14:16:03.961 Looking for network events 2019-12-17 14:16:03.961 Detected network event 2019-12-17 14:16:03.961 Enumerating network events for socket 1788 2019-12-17 14:16:03.961 Enumerated 18 network events making 18 cumulative events for socket 1788 2019-12-17 14:16:03.961 Handling network write event on socket 1788 with error 0 2019-12-17 14:16:03.961 Handling network connect event on socket 1788 with error 0 2019-12-17 14:16:03.961 Looking for network events 2019-12-17 14:16:04.026 Detected network event 2019-12-17 14:16:04.026 Enumerating network events for socket 1788 2019-12-17 14:16:04.026 Enumerated 1 network events making 1 cumulative events for socket 1788 2019-12-17 14:16:04.026 Handling network read event on socket 1788 with error 0 2019-12-17 14:16:04.027 Server version: SSH-2.0-OpenSSH_for_Windows_8.0 2019-12-17 14:16:04.027 Using SSH protocol version 2 2019-12-17 14:16:04.027 Have a known host key of type ssh-ed25519 2019-12-17 14:16:04.028 Waiting for the server to continue with the initialization 2019-12-17 14:16:04.028 Looking for incoming data 2019-12-17 14:16:04.028 Looking for network events 2019-12-17 14:16:04.078 Detected network event 2019-12-17 14:16:04.078 Enumerating network events for socket 1788 2019-12-17 14:16:04.078 Enumerated 1 network events making 1 cumulative events for socket 1788 2019-12-17 14:16:04.078 Handling network read event on socket 1788 with error 0 2019-12-17 14:16:04.079 Doing ECDH key exchange with curve Curve25519 and hash SHA-256 2019-12-17 14:16:04.103 Waiting for the server to continue with the initialization 2019-12-17 14:16:04.103 Looking for incoming data 2019-12-17 14:16:04.103 Looking for network events 2019-12-17 14:16:04.151 Detected network event 2019-12-17 14:16:04.151 Enumerating network events for socket 1788 2019-12-17 14:16:04.151 Enumerated 1 network events making 1 cumulative events for socket 1788 2019-12-17 14:16:04.151 Handling network read event on socket 1788 with error 0 2019-12-17 14:16:04.529 Server also has ecdsa-sha2-nistp256/ssh-rsa host keys, but we don't know any of them 2019-12-17 14:16:04.531 Host key fingerprint is: 2019-12-17 14:16:04.531 ssh-ed25519 256 XXXXXXXXX 2019-12-17 14:16:04.531 Verifying host key ssh-ed25519 XXXXXXXXXXX 2019-12-17 14:16:04.572 Host key matches cached key 2019-12-17 14:16:04.572 Selecting events 63 for socket 1788 2019-12-17 14:16:04.572 Initialised AES-256 SDCTR client->server encryption 2019-12-17 14:16:04.572 Initialised HMAC-SHA-256 client->server MAC algorithm 2019-12-17 14:16:04.572 Initialised AES-256 SDCTR server->client encryption 2019-12-17 14:16:04.572 Initialised HMAC-SHA-256 server->client MAC algorithm 2019-12-17 14:16:04.572 Waiting for the server to continue with the initialization 2019-12-17 14:16:04.572 Looking for incoming data 2019-12-17 14:16:04.572 Looking for network events 2019-12-17 14:16:04.746 Detected network event 2019-12-17 14:16:04.746 Enumerating network events for socket 1788 2019-12-17 14:16:04.746 Enumerated 1 network events making 1 cumulative events for socket 1788 2019-12-17 14:16:04.746 Handling network read event on socket 1788 with error 0 2019-12-17 14:16:04.746 Reading key file "C:\Users\username1\Desktop\private.ppk" ! 2019-12-17 14:16:04.748 Using username1 "USERNAME1". 2019-12-17 14:16:04.783 Waiting for the server to continue with the initialization 2019-12-17 14:16:04.783 Looking for incoming data 2019-12-17 14:16:04.783 Looking for network events 2019-12-17 14:16:04.847 Detected network event 2019-12-17 14:16:04.847 Enumerating network events for socket 1788 2019-12-17 14:16:04.847 Enumerated 1 network events making 1 cumulative events for socket 1788 2019-12-17 14:16:04.847 Handling network read event on socket 1788 with error 0 2019-12-17 14:16:04.847 Server offered these authentication methods: publickey,password,keyboard-interactive 2019-12-17 14:16:04.847 Offered public key 2019-12-17 14:16:04.847 Waiting for the server to continue with the initialization 2019-12-17 14:16:04.847 Looking for incoming data 2019-12-17 14:16:04.847 Looking for network events 2019-12-17 14:16:04.923 Detected network event 2019-12-17 14:16:04.923 Enumerating network events for socket 1788 2019-12-17 14:16:04.923 Enumerated 1 network events making 1 cumulative events for socket 1788 2019-12-17 14:16:04.923 Handling network read event on socket 1788 with error 0 ! 2019-12-17 14:16:04.923 Server refused our key 2019-12-17 14:16:04.937 Server refused our key 2019-12-17 14:16:04.937 Server offered these authentication methods: publickey,password,keyboard-interactive 2019-12-17 14:16:04.938 Attempting keyboard-interactive authentication 2019-12-17 14:16:04.938 Waiting for the server to continue with the initialization 2019-12-17 14:16:04.938 Looking for incoming data 2019-12-17 14:16:04.938 Looking for network events 2019-12-17 14:16:05.004 Detected network event 2019-12-17 14:16:05.005 Enumerating network events for socket 1788 2019-12-17 14:16:05.005 Enumerated 1 network events making 1 cumulative events for socket 1788 2019-12-17 14:16:05.005 Handling network read event on socket 1788 with error 0 2019-12-17 14:16:05.005 Server refused keyboard-interactive authentication 2019-12-17 14:16:05.005 Server offered these authentication methods: publickey,password,keyboard-interactive 2019-12-17 14:16:05.005 Prompt (password, "SSH password", <no instructions>, "&Password: ") 

Here OpenSSH log:

3356 2019-12-17 19:31:44.650 debug1: inetd sockets after dupping: 4, 4 3356 2019-12-17 19:31:44.650 Connection from X.XX.XX.XXX port 54728 on 10.0.0.2 port 22 3356 2019-12-17 19:31:44.650 debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.0 3356 2019-12-17 19:31:44.650 debug1: Remote protocol version 2.0, remote software version WinSCP_release_5.15.9 3356 2019-12-17 19:31:44.650 debug1: no match: WinSCP_release_5.15.9 3356 2019-12-17 19:31:44.650 debug2: fd 4 setting O_NONBLOCK 3356 2019-12-17 19:31:44.666 debug3: spawning "C:\\Program Files\\OpenSSH\\sshd.exe" -y 3356 2019-12-17 19:31:44.666 debug2: Network child is on pid 4660 3356 2019-12-17 19:31:44.666 debug3: send_rexec_state: entering fd = 6 config len 289 3356 2019-12-17 19:31:44.666 debug3: ssh_msg_send: type 0 3356 2019-12-17 19:31:44.666 debug3: send_rexec_state: done 3356 2019-12-17 19:31:44.666 debug3: ssh_msg_send: type 0 3356 2019-12-17 19:31:44.666 debug3: ssh_msg_send: type 0 3356 2019-12-17 19:31:44.666 debug3: preauth child monitor started 3356 2019-12-17 19:31:44.681 debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth] 3356 2019-12-17 19:31:44.681 debug3: send packet: type 20 [preauth] 3356 2019-12-17 19:31:44.681 debug1: SSH2_MSG_KEXINIT sent [preauth] 3356 2019-12-17 19:31:44.744 debug3: receive packet: type 20 [preauth] 3356 2019-12-17 19:31:44.744 debug1: SSH2_MSG_KEXINIT received [preauth] 3356 2019-12-17 19:31:44.744 debug2: local server KEXINIT proposal [preauth] 3356 2019-12-17 19:31:44.744 debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1 [preauth] 3356 2019-12-17 19:31:44.744 debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth] 3356 2019-12-17 19:31:44.744 debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected] [preauth] 3356 2019-12-17 19:31:44.744 debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected] [preauth] 3356 2019-12-17 19:31:44.744 debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth] 3356 2019-12-17 19:31:44.744 debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth] 3356 2019-12-17 19:31:44.744 debug2: compression ctos: none [preauth] 3356 2019-12-17 19:31:44.744 debug2: compression stoc: none [preauth] 3356 2019-12-17 19:31:44.744 debug2: languages ctos: [preauth] 3356 2019-12-17 19:31:44.744 debug2: languages stoc: [preauth] 3356 2019-12-17 19:31:44.744 debug2: first_kex_follows 0 [preauth] 3356 2019-12-17 19:31:44.744 debug2: reserved 0 [preauth] 3356 2019-12-17 19:31:44.744 debug2: peer client KEXINIT proposal [preauth] 3356 2019-12-17 19:31:44.744 debug2: KEX algorithms: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,rsa2048-sha256,rsa1024-sha1,diffie-hellman-group1-sha1 [preauth] 3356 2019-12-17 19:31:44.744 debug2: host key algorithms: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss [preauth] 3356 2019-12-17 19:31:44.744 debug2: ciphers ctos: aes256-ctr,aes256-cbc,[email protected],aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,[email protected],blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128 [preauth] 3356 2019-12-17 19:31:44.744 debug2: ciphers stoc: aes256-ctr,aes256-cbc,[email protected],aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,[email protected],blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128 [preauth] 3356 2019-12-17 19:31:44.744 debug2: MACs ctos: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,[email protected],[email protected],[email protected],[email protected] [preauth] 3356 2019-12-17 19:31:44.744 debug2: MACs stoc: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,[email protected],[email protected],[email protected],[email protected] [preauth] 3356 2019-12-17 19:31:44.744 debug2: compression ctos: none,zlib [preauth] 3356 2019-12-17 19:31:44.744 debug2: compression stoc: none,zlib [preauth] 3356 2019-12-17 19:31:44.744 debug2: languages ctos: [preauth] 3356 2019-12-17 19:31:44.744 debug2: languages stoc: [preauth] 3356 2019-12-17 19:31:44.744 debug2: first_kex_follows 0 [preauth] 3356 2019-12-17 19:31:44.744 debug2: reserved 0 [preauth] 3356 2019-12-17 19:31:44.744 debug1: kex: algorithm: [email protected] [preauth] 3356 2019-12-17 19:31:44.744 debug1: kex: host key algorithm: ssh-ed25519 [preauth] 3356 2019-12-17 19:31:44.744 debug1: kex: client->server cipher: aes256-ctr MAC: hmac-sha2-256 compression: none [preauth] 3356 2019-12-17 19:31:44.744 debug1: kex: server->client cipher: aes256-ctr MAC: hmac-sha2-256 compression: none [preauth] 3356 2019-12-17 19:31:44.744 debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth] 3356 2019-12-17 19:31:44.822 debug3: receive packet: type 30 [preauth] 3356 2019-12-17 19:31:44.822 debug3: mm_sshkey_sign entering [preauth] 3356 2019-12-17 19:31:44.822 debug3: mm_request_send entering: type 6 [preauth] 3356 2019-12-17 19:31:44.822 debug3: mm_request_receive entering 3356 2019-12-17 19:31:44.822 debug3: monitor_read: checking request 6 3356 2019-12-17 19:31:44.822 debug3: mm_answer_sign 3356 2019-12-17 19:31:44.822 debug3: mm_answer_sign: hostkey proof signature 000001D8B28BAFA0(83) 3356 2019-12-17 19:31:44.822 debug3: mm_request_send entering: type 7 3356 2019-12-17 19:31:44.822 debug2: monitor_read: 6 used once, disabling now 3356 2019-12-17 19:31:44.822 debug3: mm_sshkey_sign: waiting for MONITOR_ANS_SIGN [preauth] 3356 2019-12-17 19:31:44.822 debug3: mm_request_receive_expect entering: type 7 [preauth] 3356 2019-12-17 19:31:44.822 debug3: mm_request_receive entering [preauth] 3356 2019-12-17 19:31:44.822 debug3: send packet: type 31 [preauth] 3356 2019-12-17 19:31:44.822 debug3: send packet: type 21 [preauth] 3356 2019-12-17 19:31:44.822 debug2: set_newkeys: mode 1 [preauth] 3356 2019-12-17 19:31:44.822 debug1: rekey out after 4294967296 blocks [preauth] 3356 2019-12-17 19:31:44.822 debug1: SSH2_MSG_NEWKEYS sent [preauth] 3356 2019-12-17 19:31:44.822 debug1: expecting SSH2_MSG_NEWKEYS [preauth] 3356 2019-12-17 19:31:45.338 debug3: receive packet: type 21 [preauth] 3356 2019-12-17 19:31:45.338 debug1: SSH2_MSG_NEWKEYS received [preauth] 3356 2019-12-17 19:31:45.338 debug2: set_newkeys: mode 0 [preauth] 3356 2019-12-17 19:31:45.338 debug1: rekey in after 4294967296 blocks [preauth] 3356 2019-12-17 19:31:45.338 debug1: KEX done [preauth] 3356 2019-12-17 19:31:45.416 debug3: receive packet: type 5 [preauth] 3356 2019-12-17 19:31:45.416 debug3: send packet: type 6 [preauth] 3356 2019-12-17 19:31:45.494 debug3: receive packet: type 50 [preauth] 3356 2019-12-17 19:31:45.494 debug1: userauth-request for user username1 service ssh-connection method none [preauth] 3356 2019-12-17 19:31:45.494 debug1: attempt 0 failures 0 [preauth] 3356 2019-12-17 19:31:45.494 debug3: mm_getpwnamallow entering [preauth] 3356 2019-12-17 19:31:45.494 debug3: mm_request_send entering: type 8 [preauth] 3356 2019-12-17 19:31:45.494 debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth] 3356 2019-12-17 19:31:45.494 debug3: mm_request_receive_expect entering: type 9 [preauth] 3356 2019-12-17 19:31:45.494 debug3: mm_request_receive entering [preauth] 3356 2019-12-17 19:31:45.494 debug3: mm_request_receive entering 3356 2019-12-17 19:31:45.494 debug3: monitor_read: checking request 8 3356 2019-12-17 19:31:45.494 debug3: mm_answer_pwnamallow 3356 2019-12-17 19:31:45.494 debug2: parse_server_config: config reprocess config len 289 3356 2019-12-17 19:31:45.494 debug3: checking match for 'Group administrators' user username1 host X.XX.XX.XXX addr X.XX.XX.XXX laddr 10.0.0.2 lport 22 3356 2019-12-17 19:31:45.494 debug3: LsaLogonUser Succeeded (Impersonation: 0) 3356 2019-12-17 19:31:45.494 debug1: user username1 does not match group list administrators at line 87 3356 2019-12-17 19:31:45.494 debug3: match not found 3356 2019-12-17 19:31:45.494 debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1 3356 2019-12-17 19:31:45.494 debug3: mm_request_send entering: type 9 3356 2019-12-17 19:31:45.494 debug2: monitor_read: 8 used once, disabling now 3356 2019-12-17 19:31:45.494 debug2: input_userauth_request: setting up authctxt for username1 [preauth] 3356 2019-12-17 19:31:45.494 debug3: mm_inform_authserv entering [preauth] 3356 2019-12-17 19:31:45.494 debug3: mm_request_send entering: type 4 [preauth] 3356 2019-12-17 19:31:45.494 debug3: mm_request_receive entering 3356 2019-12-17 19:31:45.494 debug3: monitor_read: checking request 4 3356 2019-12-17 19:31:45.494 debug3: mm_answer_authserv: service=ssh-connection, style= 3356 2019-12-17 19:31:45.494 debug2: monitor_read: 4 used once, disabling now 3356 2019-12-17 19:31:45.494 debug2: input_userauth_request: try method none [preauth] 3356 2019-12-17 19:31:45.494 debug3: user_specific_delay: user specific delay 0.000ms [preauth] 3356 2019-12-17 19:31:45.494 debug3: ensure_minimum_time_since: elapsed 0.000ms, delaying 8.286ms (requested 8.286ms) [preauth] 3356 2019-12-17 19:31:45.510 debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive" [preauth] 3356 2019-12-17 19:31:45.510 debug3: send packet: type 51 [preauth] 3356 2019-12-17 19:31:45.556 debug3: receive packet: type 50 [preauth] 3356 2019-12-17 19:31:45.556 debug1: userauth-request for user username1 service ssh-connection method publickey [preauth] 3356 2019-12-17 19:31:45.556 debug1: attempt 1 failures 0 [preauth] 3356 2019-12-17 19:31:45.556 debug2: input_userauth_request: try method publickey [preauth] 3356 2019-12-17 19:31:45.556 debug2: userauth_pubkey: valid user username1 querying public key ssh-rsa XXXXXXXXXXX [preauth] 3356 2019-12-17 19:31:45.556 debug1: userauth_pubkey: test pkalg ssh-rsa pkblob RSA SHA256:XXXXXXX [preauth] 3356 2019-12-17 19:31:45.556 debug3: mm_key_allowed entering [preauth] 3356 2019-12-17 19:31:45.556 debug3: mm_request_send entering: type 22 [preauth] 3356 2019-12-17 19:31:45.556 debug3: mm_request_receive entering 3356 2019-12-17 19:31:45.556 debug3: monitor_read: checking request 22 3356 2019-12-17 19:31:45.556 debug3: mm_answer_keyallowed entering 3356 2019-12-17 19:31:45.556 debug3: mm_answer_keyallowed: key_from_blob: 000001D8B28BF1C0 3356 2019-12-17 19:31:45.556 debug1: trying public key file C:\\Users\\username1\\.ssh/authorized_keys 3356 2019-12-17 19:31:45.556 debug3: Bad permissions. Try removing permissions for user: VM-EPM\\username2 (S-1-5-21-3826319457-1004635287-1909893433-1001) on file C:/Users/username1/.ssh/authorized_keys. 3356 2019-12-17 19:31:45.556 Authentication refused. 3356 2019-12-17 19:31:45.556 debug3: mm_answer_keyallowed: publickey authentication test: RSA key is not allowed 3356 2019-12-17 19:31:45.556 Failed publickey for username1 from X.XX.XX.XXX port 54728 ssh2: RSA SHA256:o8b9CXuYPzNSz6M/rsN+XAQHqEcdPwWasDglinXbtig 3356 2019-12-17 19:31:45.556 debug3: mm_request_send entering: type 23 3356 2019-12-17 19:31:45.556 debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED [preauth] 3356 2019-12-17 19:31:45.556 debug3: mm_request_receive_expect entering: type 23 [preauth] 3356 2019-12-17 19:31:45.556 debug3: mm_request_receive entering [preauth] 3356 2019-12-17 19:31:45.556 debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa [preauth] 3356 2019-12-17 19:31:45.556 debug3: user_specific_delay: user specific delay 0.000ms [preauth] 3356 2019-12-17 19:31:45.556 debug3: ensure_minimum_time_since: elapsed 0.000ms, delaying 8.286ms (requested 8.286ms) [preauth] 3356 2019-12-17 19:31:45.572 debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive" [preauth] 3356 2019-12-17 19:31:45.572 debug3: send packet: type 51 [preauth] 3356 2019-12-17 19:31:45.666 debug3: receive packet: type 50 [preauth] 3356 2019-12-17 19:31:45.666 debug1: userauth-request for user username1 service ssh-connection method keyboard-interactive [preauth] 3356 2019-12-17 19:31:45.666 debug1: attempt 2 failures 1 [preauth] 3356 2019-12-17 19:31:45.666 debug2: input_userauth_request: try method keyboard-interactive [preauth] 3356 2019-12-17 19:31:45.666 debug1: keyboard-interactive devs [preauth] 3356 2019-12-17 19:31:45.666 debug1: auth2_challenge: user=username1 devs= [preauth] 3356 2019-12-17 19:31:45.666 debug1: kbdint_alloc: devices '' [preauth] 3356 2019-12-17 19:31:45.666 debug2: auth2_challenge_start: devices [preauth] 3356 2019-12-17 19:31:45.666 debug3: user_specific_delay: user specific delay 0.000ms [preauth] 3356 2019-12-17 19:31:45.666 debug3: ensure_minimum_time_since: elapsed 0.000ms, delaying 8.286ms (requested 8.286ms) [preauth] 3356 2019-12-17 19:31:45.681 debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive" [preauth] 3356 2019-12-17 19:31:45.681 debug3: send packet: type 51 [preauth] 

In both logs, username1 is the Local User that needs to connect, username2 is an Administrator (not SYSTEM).

Thanks,

Andrea