Can't get SSH public key authentication to work [closed]
Check that your Centos machine has:
RSAAuthentication yes
PubkeyAuthentication yes
in sshd_config
and ensure that you have proper permission on the centos machine's ~/.ssh/ directory.
chmod 700 ~/.ssh/
chmod 600 ~/.ssh/*
should do the trick.
I had a similar problem - remote PC couldn't use public key authentication to log in to CentOs 6 server. The problem in my case was SELinux related - the home directory of the user trying to log in had message up security contexts. I resolved this by using the restorecon
tool thusly:
restorecon -Rv /home
1- check your /etc/ssh/sshd_config, ensure you have
RSAAuthentication yes PubkeyAuthentication yes
2- check the secure log from remote machine, look-up the detail sshd daemon error log. e.g. in my Ubuntu
# grep 'sshd' /var/log/secure | grep 'Authentication refused' | tail -5 Aug 4 06:20:22 xxx sshd[16860]: Authentication refused: bad ownership or modes for directory /home/xxx Aug 4 06:20:22 xxx sshd[16860]: Authentication refused: bad ownership or modes for directory /home/xxx Aug 4 06:21:21 xxx sshd[17028]: Authentication refused: bad ownership or modes for directory /home/xxx Aug 4 06:21:21 xxx sshd[17028]: Authentication refused: bad ownership or modes for directory /home/xxx Aug 4 06:27:39 xxx sshd[20362]: Authentication refused: bad ownership or modes for directory /home/xxx
Then check the ownership and modes for directory /home/xxx, maybe you need run this
chmod 755 /home/xxx
Double check that your permissions are correct and file structure (specifically spelling) are correct, for both local and remote machines. The URL you refer to states them all, but it's worth checking that what you have matches. Normally permissions will throw a relevant error though.
Have you checked that the sshd_config on your CentOS 5.3 box is set to allow PubkeyAuthentication or RSAAuthentication ?
Check the SSH server logs on the CentOS system - it may provide more information. I'm not sure if CentOS does the blacklisted ssh key checking that debian does, but I've seen ssh publickey rejections that are relatively silent as far as -vvv output goes, but the logs pretty clearly explained what was going on
Got it! Turns out it was a client-side issue. (I think that any server-side issue would have yielded more useful debug output.) For reasons unknown to me, on my Mac, the file /etc/ssh_config had the line
PubkeyAuthentication = no
I commented out that one line, and now everything works fine.