24 Oct 2012
October 24, 2012

Using SSH Key Authentication with CENTOS 6.3 not working

October 24, 2012 Blog, Featured 0 Comment

You have set up SSH keys for allowing you to log into CENTOS 6.3 using ssh authentication, your /etc/sshd_config file has the following because you are wanting to use freenx-server.

PubkeyAuthentication yes

AuthorizedKeysFile    .ssh/authorized_keys2

You user has a .ssh folder with 600 ownership

 

You still get the following error

 

Login as root

Server refused our key

Simple Solution:

CENTOS 6.3 + SSK KEY AUTH + SELINUX = I AM BOROKEN?

As root, turn off selinux

setenforce 0

 

OR

http://wiki.centos.org/Manuals/ReleaseNotes/CentOS6.3#head-d261fbe9e9ee7564690adf254c8c794cc561666f

 

Make sure that you setup correctly the selinux context of the public key if you transfer it to a CentOS 6 server with selinux enabled. Otherwise selinux might forbid access to the ~/.ssh/authorized_keys file and by matter of consequence key authentication will not work. In order to setup the correct context you can use:

 

restorecon -R -v /home/$ACCOUNT/.ssh

 

http://www.linuxcommand.org/man_pages/restorecon8.html

 

 

for example to fix root on CENTOS 6.3 you can use

restorecon -R -v /root .ssh

 

Output:

[root@unknown-08-00-27-cf-23-69 ~]# restorecon -R -v /root .ssh

restorecon reset /root/.ssh context unconfined_u:object_r:admin_home_t:s0->unconfined_u:object_r:ssh_home_t:s0

restorecon reset /root/.ssh/authorized_keys2 context unconfined_u:object_r:admin_home_t:s0->unconfined_u:object_r:ssh_home_t:s0

Result / correct Solution

Using proof that is works:

usage: setenforce [ Enforcing | Permissive | 1 | 0 ]

[root@unknown-08-00-27-cf-23-69 ~]# setenforce 1

 

Facebooktwittergoogle_plusredditpinterestlinkedinmail

Leave a Reply