In CentOS 6.5 on the server added a new user. I need to organize the login under this user to the server using a public key.

I generated the keys on my machine, added the key to authorized_keys , but when I connect, I still ask for the password.

What's my mistake?

  • 2
    @victor_crimea, the standard script for catching ssh errors: * ssh -vvvT user@host - connect to the machine that we cannot and get verbose-listing. It will show what keys ssh tries to transmit and what happens next. * Check that folders like .ssh and private keys inside have permissions strictly 700 - ssh does not connect without this. * Look at /var/log/auth.log - etki
  • @Etki, I would put the last item first. - zb '

1 answer 1

quite often this is due to improper ownership and / or rights of the .ssh and / or its contents.

  1. fix affiliation:

     $ sudo chown -R пользователь:группа /путь/к/каталогу/.ssh

    where группа is the main group of the user. You can clarify it using:

     $ id пользователь uid=номер(пользователь) gid=номер(группа) …

  2. fix rights:

     $ sudo chmod -R go= /путь/к/каталогу/.ssh

You should also make sure that you put the public part of the key ( id_rsa.pub or id_dsa.pub ) in the authorized_keys file, and that this file is located exactly in the .ssh in the home directory of the created user.

In general, in order to avoid the problems described above, it is more convenient to copy the public key using the ssh-copy-id program:

 $ ssh-copy-id пользователь@сервер
  • If the key file is copied without ssh-copy-id , and manually, then you also need to correct selinux : restorecon -R -v ~/.ssh/authorized_keys - AK