HostOnNet Blog

SSH publickey authentication not working

Looking for Linux Server Admin or WordPress Expert? We can help.

On a CentOS 6.8 server i added my SSH public key. When i login, it keep asking me the password.

I enabled debug message with

ssh -v root@SERVER-IP

Still don’t see any useful info to debug. It just ended up with

debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/boby/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/boby/.ssh/id_dsa
debug1: Trying private key: /home/boby/.ssh/id_ecdsa
debug1: Trying private key: /home/boby/.ssh/id_ed25519
debug1: Next authentication method: password
[email protected]’s password:

Check Server Log

On server side, you may find some useful info in

tail -f /var/log/secure

Check Permissions

On server, you need 600 permission for ~/.ssh folder and files inside it.

Check if PubkeyAuthentication enabled

You can see this from client side with ssh -v command. On server side make sure PubkeyAuthentication is set to yes.

[root@ET-02-01-SRV-001 ~]# grep PubkeyAuthentication /etc/ssh/sshd_config
PubkeyAuthentication yes 
[root@ET-02-01-SRV-001 ~]# 

If you make change to sshd_config file, make sure you restart sshd with

service sshd restart


If SELinux is enabled, you won’t be able to use public key authentication. You can disable SELinux or run

restorecon -R -v ~/.ssh


[root@ET-02-01-SRV-001 ~]# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 30
Policy from config file:        targeted
[root@ET-02-01-SRV-001 ~]# restorecon -R -v ~/.ssh
restorecon reset /root/.ssh context unconfined_u:object_r:admin_home_t:s0->unconfined_u:object_r:ssh_home_t:s0
restorecon reset /root/.ssh/authorized_keys context unconfined_u:object_r:admin_home_t:s0->unconfined_u:object_r:ssh_home_t:s0
[root@ET-02-01-SRV-001 ~]# 

Posted in Linux

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.