SSH "Server refused our key" for all users except root user
It sounds like you are attempting to add a user's key into root's authorized_keys file instead of the user's authorized_keys file.
Just to clarify:
root's key should be in /root/.ssh/authorized_keys
user's key should be in /home/USERNAME/.ssh/authorized_keys
It is possible to store the keys in /etc/ssh as you suggested, but not in the way that you are doing it. This is generally done when the user's home directory is encrypted. In order for this to work, you need to make sure the following is done:
# mkdir /etc/ssh/USERNAME
# chmod 755 /etc/ssh/USERNAME
# chown USERNAME /etc/ssh/USERNAME
# touch /etc/ssh/USERNAME/authorized_keys
# chmod 644 /etc/ssh/USERNAME/authorized_keys
# chown USERNAME /etc/ssh/USERNAME/authorized_keys
# cat /home/USERNAME/.ssh/authorized_keys > /etc/ssh/USERNAME/authorized_keys
# echo "AuthorizedKeysFile /etc/ssh/%u/authorized_keys" >> /etc/ssh/sshd_config
Note: You might want to actually edit /etc/ssh/sshd_config instead of just appending to the end, as it is possible that you already have an AuthorizedKeysFile set.
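An added example, not part of the original answer: a shell function that applies the rule OpenSSH enforces with StrictModes yes, walking from the key file up through its parent directories and flagging anything not owned by the user or root, or writable by group or others. The name check_keyfile_path and its arguments are made up for this illustration, and it assumes GNU stat (as on CentOS).

```shell
#!/bin/sh
# Hypothetical helper (not from the page): check_keyfile_path FILE UID [STOP_DIR]
# Prints one line per problem; returns 0 if clean, 1 if problems, 2 on bad usage.
# Checks FILE and every directory above it, up to STOP_DIR (default /):
#   - owner must be UID or root (uid 0)
#   - mode must not include group or world write (octal 022)
# Usage for the two layouts discussed above (run as root):
#   check_keyfile_path /home/USERNAME/.ssh/authorized_keys "$(id -u USERNAME)" /home/USERNAME
#   check_keyfile_path /etc/ssh/USERNAME/authorized_keys "$(id -u USERNAME)"
check_keyfile_path() {
    file=$1 uid=$2 stop=${3:-/}
    rc=0
    case $file in
        /*) ;;
        *) echo "USAGE $file is not an absolute path"; return 2 ;;
    esac
    if [ ! -f "$file" ]; then
        echo "MISSING $file is not a regular file"
        return 1
    fi
    path=$file
    while :; do
        owner=$(stat -c '%u' "$path") || return 1   # numeric owner uid
        mode=$(stat -c '%a' "$path") || return 1    # octal permission bits
        if [ "$owner" != "$uid" ] && [ "$owner" != 0 ]; then
            echo "OWNER $path is owned by uid $owner, expected $uid or 0"
            rc=1
        fi
        # A leading 0 makes the shell read the mode as an octal number.
        if [ $(( 0$mode & 022 )) -ne 0 ]; then
            echo "MODE $path is $mode (writable by group or others)"
            rc=1
        fi
        if [ "$path" = "$stop" ] || [ "$path" = / ]; then
            break
        fi
        path=$(dirname "$path")
    done
    return $rc
}
```

The 755/644 layout under /etc/ssh/USERNAME from the steps above passes this check, as does 700/600 under the home directory; a 664 key file or a 775 directory anywhere on the path does not.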
Ashwin Mekala
Updated on September 18, 2022
Comments
-
Ashwin Mekala over 1 year
I followed this tutorial and key authentication worked great for root, but when I created user xxx, added a different key in authorized_keys and tried to log in using PuTTY, the error "Server refused our key" was shown. I changed .ssh/authorized_keys to /etc/ssh/keys/authorized_keys with chmod 700 for keys and chmod 600 for authorized_keys, as I found some answers on the net for this issue. I even tried to swap keys; nothing worked! Only root is able to log in using keys.
In authorized_keys file:
ssh-rsa pub***key rsa-key-20140424 ssh-rsa pub***key rsa-key-20140426
The server log shows nothing about any authentication accepted or rejected for user xxx.
PuTTY event log:
2014-04-26 13:28:02 Reading private key file "C:\mykey.ppk"
2014-04-26 13:28:04 Offered public key
2014-04-26 13:28:04 Server refused our key
Server OS: CentOS 6.5
-
faker about 10 years
Where did you add the key for user xxx? It needs to be in /home/xxx/.ssh/authorized_keys.
philippe about 10 years
If root user gets his/her key accepted, there is no reason for user xxx to be rejected. Key must be in /home/xxx/.ssh/authorized_keys, and user should be able to read this file (owner user:user for both .ssh and authorized_keys, rights 700 for .ssh and 600 for authorized_keys). You may then want to check the ssh server log file (usually /var/log/auth.log or /var/log/secure) and increase its verbosity by changing LogLevel INFO to DEBUG.
-
AndrewL64 over 8 years
Why is this closed though?? He did: 1. attempted to chmod the folders. 2. Showing the info he got regarding why it didn't work 3. And that he wanted to use the keys for all users and not just root
-
Ashwin Mekala about 10 years
Sorry, I'm new to Linux, didn't find anything like this in Google.