Definite's Extractor

My findings on Life, Linux, Open Source, and so on.

SSH Troubleshoot: Having valid key but still fall back to password

Do you have a valid key and the public key is ~/.ssh/authoried_keys of target ssh server, but you still need to type password? Here is the checklist you can refer:

  1. ~/.ssh  and its content should not have read/write permission for other users
    cd ; chmod og-rw .ssh
  2. Same goes with your remote directory ~/.ssh
  3. Your server home directory should not have read/write permission for other users
    cd ~/..; chmod o-rw <homeDir>
  4. If SELinux is enforced in server, make sure the SELinux type of ~/.ssh in server is user_ssh_home_tcd;  ls -dZ .ssh   # to list the SELinux type of ~/.ssh
    chcon -R -t user_ssh_home_t .ssh
  5. ssh -vvv <login@server> to get more information on the local side.
  6. See server log /var/log/secure for sshd output. Change LogLevel to DEBUG3  in /etc/ssh/sshd_config and restart sshd to get more detail debugging messages.
  7. See server log /var/log/audit/audit.log for SELinux log.

Note that this checking is for Fedora and RHEL. Yet you can change the path of files to accommodate your system.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: