Connecting to a remote Centos server using SSH Keys

Question

I am trying to connect to a Centos 6.3 Server using an SSH Key so I can run a script remotely without it asking for a password everytime. I have followed the following instructions:

1. Login to the server using the normal ssh command and password one time so the server adds your computer to the known hosts
2. In your computer using cygwin-terminal generate the keys and leave the passphrase blank:ssh-keygen -t rsa
3. Now set permissions on your private key and ssh folder:chmod 700 ~/.ssh & chmod 600 ~/.ssh/id_rsa
4. Copy the public key (id_rsa.pub) to the server, login to the server and add the public key to the authorized_keys list: cat id_rsa.pub >> ~/.ssh/authorized_keys
5. Once you've imported the public key, you can delete it from the server. Set file permissions on the server: chmod 700 ~/.ssh & chmod 600 ~/.ssh/authorized_keys
6. Retart the ssh daemon on the server: service sshd restart
7. Test the connection from your computer:ssh [email protected]

But when I try to ssh to the remote server it is still asking me for the password. The .ssh folder was not created on the server so I had to created myself. Any ideas of what might be happening? did I miss something? Is there another way to set up the keys?

Answer 1

Well it turns out I had stupidly changed the owner of the /root directory when I was setting up the server so since this is where the /.ssh directory was for the user I was trying to loggin with (root) it was denying access to that directory because it belonged to another user.

Dec 10 16:25:49 thyme sshd[9121]: Authentication refused: bad ownership or modes for directory /root

I changed the owner back to root and that did it.

chown root /root

Thanks guys for you help.

Answer 2

Apparently this is a known bug. The suggested solution doesn't actually work, but I found that this would on a CentOS 6.2 system at work:

chmod 600 .ssh/authorized_keys
chmod 700 .ssh

Answer 3

Althogh OP had found a solution, I would like to record my solution of similar problem in the hope that it will be helpful to those who google similar problem and reach this answer.

The reason of my issue is that the .ssh directory in the user's home folder on CentOS server was not set a proper mode after being created by useradd command.

In addition, I need to manually set .ssh folder mode by following commands:

chmod g-w /home/user

chmod 700 /home/user/.ssh

chmod 600 /home/user/.ssh/authorized_keys

Answer 4

Other answers are generic, note that Centos 6 uses selinux. selinux can deny access to the authorised_keys file despite correct permissions and ownership

From the known issues in Centos 6 Release Notes:

• Make sure that you setup correctly the selinux context of the public key if you transfer it to a CentOS 6 server with selinux enabled. Otherwise selinux might forbid access to the ~/.ssh/authorized_keys file and by matter of consequence key authentication will not work. In order to setup the correct context you can use:

  restorecon -R -v /home/user/.ssh

• ssh-copy-id from CentOS 6 is aware of selinux contexts and the previous workaround is not needed.