SSH keys don't work on a fresh install of CentOS

On a standard default install of CentOS 6.3 I couldn’t get my SSH keys to work even though I had them enabled in sshd_config and had them in the appropriate authorized_keys file.

I would try and login except the server wouldn’t even accept my key, it would just prompt for a password. It turns out that SELinux was blocking the keys from being accepted. The solution was to turn off SELinux fixed the issue, see below on how to do so.

Want to keep SELinux enabled? Check below for more information.

  1. Type the below to manually turn SELinux off
    [root@server ~] setenforce 0
    This will only disable SELinux for this boot, if the system restarts the service will start up again

  2. To fully disable SELinux you need to edit the file /etc/sysconfig/selinux so it looks like mine below.

  [root@server ~] cat /etc/sysconfig/selinux
  # This file controls the state of SELinux on the system.
  # SELINUX= can take one of these three values:
  # enforcing - SELinux security policy is enforced.
  # permissive - SELinux prints warnings instead of enforcing.
  # disabled - No SELinux policy is loaded.
  # SELINUXTYPE= can take one of these two values:
  # targeted - Targeted processes are protected,
  # mls - Multi Level Security protection.

If this still doesn’t fix your issue you need to ensure your permission on the ~/.ssh folder and ~/.ssh/authorized_keys file are correct, like below:

chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

Leaving SELinux Enabled

Thanks to bvansomeren's comment below you can actually just run the below command to fix this issue AND leave SELinux enabled!

restorecon -R -v ~/.ssh

James Loh

I'm a Sysadmin for a web solutions company deploying clouds across the globe. I learn new things every day.

Australia @itsjloh jloh jloh