SSH "Server refused our key" for all users except root user


It sounds like you are attempting to add a user's key into root's authorized_keys file instead of the user's authorized_keys file.

Just to clarify:

root's key should be in /root/.ssh/authorized_keys

The user's key should be in /home/USERNAME/.ssh/authorized_keys

It is possible to store the keys in /etc/ssh as you suggested, but not in the way that you are doing it. This is generally done when the user's home directory is encrypted. In order for this to work, you need to make sure the following is done:

# mkdir /etc/ssh/USERNAME
# chmod 755 /etc/ssh/USERNAME
# chown USERNAME /etc/ssh/USERNAME
# touch /etc/ssh/USERNAME/authorized_keys
# chmod 644 /etc/ssh/USERNAME/authorized_keys
# chown USERNAME /etc/ssh/USERNAME/authorized_keys
# cat /home/USERNAME/.ssh/authorized_keys > /etc/ssh/USERNAME/authorized_keys
# echo "AuthorizedKeysFile /etc/ssh/%u/authorized_keys" >> /etc/ssh/sshd_config

Note: You might want to actually edit /etc/ssh/sshd_config instead of just appending to the end, as it is possible that you already have an AuthorizedKeysFile set.

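A check for the key file location and permissions discussed in the answer above and in the comments below, as an added example that is not part of the original answer. It is modelled on the rule sshd applies with StrictModes (owner is the user or root, no group or world write bit); the function names are hypothetical, GNU stat is assumed (as on CentOS), and only the key file and its parent directory are checked.

```shell
#!/bin/sh
# Added example: diagnose common causes of "Server refused our key" for one user.
# Assumes GNU stat; function names are hypothetical, not part of OpenSSH.

# Expand an AuthorizedKeysFile pattern: %u = user name, %h = home directory,
# and a relative path is taken relative to the user's home directory.
resolve_keyfile() {  # usage: resolve_keyfile PATTERN USER HOME
    path=$(printf '%s' "$1" | sed -e "s|%u|$2|g" -e "s|%h|$3|g")
    case $path in
        /*) printf '%s\n' "$path" ;;
        *)  printf '%s/%s\n' "$3" "$path" ;;
    esac
}

# Check one path: owner must be USER or root, and no group/world write bit.
check_secure() {  # usage: check_secure PATH USER
    [ -e "$1" ] || { echo "MISSING  $1"; return 1; }
    owner=$(stat -c '%U' "$1")
    mode=$(stat -c '%a' "$1")
    if [ "$owner" != "$2" ] && [ "$owner" != root ]; then
        echo "OWNER    $1 is owned by $owner, expected $2 or root"
        return 1
    fi
    # Leading 0 makes the mode octal; any bit of 022 set means writable
    # by group or others.
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "MODE     $1 is $mode (group- or world-writable)"
        return 1
    fi
    echo "OK       $1 ($owner, $mode)"
}

# Check the directory holding the key file, then the key file itself.
# Returns non-zero at the first failed check.
check_user_keys() {  # usage: check_user_keys PATTERN USER HOME
    file=$(resolve_keyfile "$1" "$2" "$3")
    check_secure "$(dirname "$file")" "$2" && check_secure "$file" "$2"
}

# Example call (USERNAME is a placeholder, as in the answer above):
#   check_user_keys "/etc/ssh/%u/authorized_keys" USERNAME /home/USERNAME
```

Pass the AuthorizedKeysFile value that is actually set in /etc/ssh/sshd_config as the pattern, so the check looks at the same file sshd reads.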


Author: Ashwin Mekala

Updated on September 18, 2022

Comments

  • Ashwin Mekala
    Ashwin Mekala over 1 year

    I followed this tutorial and key authentication worked great for root, but when I created user xxx, added a different key in authorized_keys and tried to log in using PuTTY, the error "Server refused our key" was shown. I changed .ssh/authorized_keys to /etc/ssh/keys/authorized_keys with chmod 700 for keys and chmod 600 for authorized_keys, as I found some answers on the net for this issue. I even tried to swap keys; nothing worked! Only root is able to log in using keys.

    In authorized_keys file:

    ssh-rsa pub***key rsa-key-20140424
    
    ssh-rsa pub***key rsa-key-20140426
    

    The server log shows nothing about any authentication being accepted or rejected for user xxx.

    PuTTY Event Log

    2014-04-26 13:28:02 Reading private key file "C:\mykey.ppk"
    
    2014-04-26 13:28:04 Offered public key
    
    2014-04-26 13:28:04 Server refused our key
    

    Server OS: CentOS 6.5

    • faker
      faker about 10 years
      Where did you add the key for user xxx? It needs to be in /home/xxx/.ssh/authorized_keys.
    • philippe
      philippe about 10 years
      If the root user gets his/her key accepted, there is no reason for user xxx to be rejected. The key must be in /home/xxx/.ssh/authorized_keys, and the user should be able to read this file (owner user:user for both .ssh and authorized_keys, rights 700 for .ssh and 600 for authorized_keys). You may then want to check the ssh server log file (usually /var/log/auth.log or /var/log/secure) and increase its verbosity by changing LogLevel INFO to DEBUG.
    • AndrewL64
      AndrewL64 over 8 years
      Why is this closed though?? He did: 1. attempted to chmod the folders. 2. Showing the info he got regarding why it didn't work 3. And that he wanted to use the keys for all users and not just root
  • Ashwin Mekala
    Ashwin Mekala about 10 years
    Sorry, I'm new to Linux; didn't find anything like it on Google.