Geek Answers Handbook

Connect to a remote Centos server using SSH keys

I am trying to connect to a Centos 6.3 server using an SSH key, so I can run the script remotely, without asking for a password each time. I followed the instructions below:

  • Log in to the server using the usual ssh command and password once so that the server adds your computer to known hosts.
  • On your computer using cygwin-terminal, generate the keys and leave the field phrase empty: ssh-keygen -t rsa
  • Now set the permissions for your private key and ssh folder: chmod 700 ~/.ssh & chmod 600 ~/.ssh/id_rsa
  • Copy the public key (id_rsa.pub) to the server, log in to the server and add the public key to the authorized_keys list: cat id_rsa.pub >> ~/.ssh/authorized_keys
  • After you have imported the public key, you can delete it from the server. Set the file permissions on the server: chmod 700 ~/.ssh & chmod 600 ~/.ssh/authorized_keys
  • Return the ssh daemon to the server: service sshd restart
  • Check your computer connection: ssh root@198.61.220.107

But when I try ssh to a remote server, it still asks me for a password. The .ssh folder was not created on the server, so I had to create myself. Any ideas on what might happen? Did I miss something? Is there any other way to configure the keys?

+7
source share
4 answers

Well, it turns out I stupidly changed the owner of the /root directory when I set up the server, since this is the /.ssh directory for the user that I tried to connect using (root) refused to access this directory because it belonged to another user.

 Dec 10 16:25:49 thyme sshd[9121]: Authentication refused: bad ownership or modes for directory /root

I changed the owner to root, and he did it.

 chown root /root

Thanks guys for the help.

+3
source

This is apparently a known bug . The proposed solution does not actually work, but I found that it would work on a CentOS 6.2 system:

 chmod 600 .ssh/authorized_keys chmod 700 .ssh
+4
source

Althogh OP found a solution, I would like to write down my solution to a similar problem in the hope that it will be useful to those who look like a similar problem and achieve this answer.

The reason for my problem is that the .ssh directory in the user's home folder on the CentOS server was not set properly after the useradd command created it.

In addition, I need to manually set the .ssh folder mode with the following commands:

chmod gw /home/user

chmod 700 /home/user/.ssh

chmod 600 /home/user/.ssh/authorized_keys

+1
source

Other answers are general, note that Centos 6 uses selinux. selinux may deny access to authorised_keys file, despite correct permissions and ownership

Of the known issues in the Centos 6 Release Notes :

  • Make sure you set the selinux context of the public key correctly if you transfer it to the CentOS 6 server with selinux enabled. Otherwise, selinux may deny access to the ~ / .ssh / authorized_keys file and the key to the latter authentication will not work. To set up the correct context you can use:

    restorecon -R -v / home / user / .ssh

  • The ssh-copy-id from CentOS 6 knows about selinux contexts, and the previous workaround is not required.

+1
source

More articles: