On a standard default install of CentOS 6.3 I couldn’t get my SSH keys to work even though I had them enabled in
sshd_config and had them in the appropriate
I would try and login except the server wouldn’t even accept my key, it would just prompt for a password. It turns out that SELinux was blocking the keys from being accepted. The solution was to turn off SELinux fixed the issue, see below on how to do so.
Note: I highly recommend you do not follow this advice and leave SELinux enabled! Checkout how to do so below.
Type the below to manually turn SELinux off
[root@server ~] setenforce 0
This will only disable SELinux for this boot, if the system restarts the service will start up again
To fully disable SELinux you need to edit the file
/etc/sysconfig/selinux so it looks like mine below.
[root@server ~] cat /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # mls - Multi Level Security protection. SELINUXTYPE=targeted
If this still doesn’t fix your issue you need to ensure your permission on the
~/.ssh folder and
~/.ssh/authorized_keys file are correct, like below:
chmod 700 ~/.ssh chmod 600 ~/.ssh/authorized_keys
Thanks to bvansomeren's comment below you can actually just run the below command to fix this issue AND leave SELinux enabled!
restorecon -R -v ~/.ssh
I'm a Sysadmin for a web solutions company deploying clouds across the globe. I learn new things every day.
Subscribe to James Loh
Get the latest posts delivered right to your inbox