OverTheWire Bandit: Level 13 → Level 14

Technical Note

Context

Normally, we use a username and password to log in via SSH. However, there is a more secure and automation-friendly method: Key-Based Authentication.

This system involves a “Public Key” (the lock) and a “Private Key” (the key). If your key fits the lock on the server, you enter without needing a password.

In this level, we are not given a password. Instead, we have a file named sshkey.private.

Tip: SSH keys are extremely sensitive. If you copy this file to /tmp or create it yourself, you must set strict permissions (chmod 600 sshkey.private). Otherwise, SSH might refuse to use it, complaining that “permissions are too open”. In this level, the file is ready to use, so we can ignore this.

Solution

Important: The server sometimes blocks connections from localhost. The most reliable method is to copy the key to your own computer and connect from there.

Method 1: Connect from Your Computer (Guaranteed)

  1. Read the key content on the server:
    cat sshkey.private
  2. Copy the text (starting with -----BEGIN OPENSSH PRIVATE KEY-----).
  3. Create a file on your local computer and paste it:
    nano bandit14.key
    # Paste and save (Ctrl+O, Enter, Ctrl+X)
  4. Set permissions:
    chmod 600 bandit14.key
  5. Connect from your computer:
    ssh -i bandit14.key bandit14@bandit.labs.overthewire.org -p 2220
    This bypasses the “localhost blocked” error completely.
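The Tip above and steps 3 and 4 of Method 1 as two shell helpers. This is an added example, not part of the original walkthrough, and `save_key` and `key_perms_ok` are hypothetical names. `save_key` writes the pasted key under `umask 077`, so the file is never readable by other users, and `key_perms_ok` applies the rule behind the "permissions are too open" complaint: no group or other permission bits.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from the original page.

# Return 0 when the key file has no group/other permission bits set,
# the condition ssh checks before it will use a private key.
key_perms_ok() {
    [ -f "$1" ] || return 2
    # Characters 5-10 of the ls mode string are the group and other bits.
    perms=$(ls -ld -- "$1" | cut -c5-10)
    [ "$perms" = "------" ]
}

# Read a pasted key from stdin and store it in $1.
# Replaces "nano + chmod 600": the file is created private from the start.
save_key() {
    dest=$1
    (
        set -C        # noclobber: refuse to overwrite an existing file
        umask 077     # new file gets mode 0600
        cat > "$dest"
    ) || return 1
    # Reject input that does not start with a PEM-style private key header.
    if ! head -n 1 "$dest" | grep -q '^-----BEGIN .*PRIVATE KEY-----$'; then
        rm -f -- "$dest"
        return 3
    fi
    key_perms_ok "$dest"
}

# Usage on your own computer:
#   save_key bandit14.key      # paste the key, then press Ctrl+D
#   key_perms_ok bandit14.key && \
#       ssh -i bandit14.key bandit14@bandit.labs.overthewire.org -p 2220
```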

Method 2: Force Localhost Connection

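If you want to stay on the server, try this command (might be blocked). The two -o options tell SSH to accept the host key without asking and to throw it away (/dev/null) instead of saving it in known_hosts, which is reasonable here only because the target is the machine you are already logged in to:

    ssh -i sshkey.private -p 2220 -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no bandit14@localhost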

To make future logins easier, it’s a good idea to grab the actual password for bandit14. The password for each user is stored under /etc/bandit_pass/:

    cat /etc/bandit_pass/bandit14
    # 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e

Key Takeaways

  1. SSH Private Key (id_rsa): A digital key granting access. It must never be shared.
  2. -i Flag: Specifies which identity file (key) SSH should use.
  3. Localhost SSH: You can use SSH to switch users on the same machine by connecting to localhost.