On a standard default install of CentOS 6.3 I couldn’t get my SSH keys to work even though I had them enabled in sshd_config and had them in the appropriate authorized_keys file.
I would try and login except the server wouldn’t even accept my key, it would just prompt for a password. It turns out that SELinux was blocking the keys from being accepted. The solution was to turn off SELinux fixed the issue, see below on how to do so.
Note: I highly recommend you do not follow this advice and leave SELinux enabled! Checkout how to do so below .
-
Type the below to manually turn SELinux off
[root@server ~] setenforce 0
This will only disable SELinux for this boot, if the system restarts the service will start up again -
To fully disable SELinux you need to edit the file
/etc/sysconfig/selinuxso it looks like mine below.
[root@server ~] cat /etc/sysconfig/selinux
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
If this still doesn’t fix your issue you need to ensure your permission on the ~/.ssh folder and ~/.ssh/authorized_keys file are correct, like below:
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
Leaving SELinux Enabled
Thanks to bvansomeren’s comment below you can actually just run the below command to fix this issue AND leave SELinux enabled!
restorecon -R -v ~/.ssh