Login fails when trying to login with ssh to the root user with authorized key


When trying to login with ssh to a linux system with selinux enabled, they key is denied although it is listed on /root/.ssh/authorized_keys

In addition to that, the following line is added to /var/log/audit/audit.log:
type=AVC msg=audit(1352486160.413:52975): avc: denied { read } for pid=6059 comm="sshd" name="authorized_keys" dev=dm-0 ino=1966127 scontext=unconfined_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:admin_home_t:s0 tclass=file


Use the following command to fix the authorized_key's selinux permissions:
restorecon -v /root/.ssh/authorized_keys

As a side note, also make sure the user and group permissions are current and that the authorized_keys file and .ssh directory only has read/write access to its owner.

If it isn't, you can make it as such:
chown -R root:root /root/.ssh
chmod 700 /root/.ssh && chmod 600 /root/.ssh/authorized_keys

Or for a normal (non-root) user:
chown -R user:user /home/user/.ssh
chmod 700 /home/user/.ssh && chmod 600 /home/user/.ssh/authorized_keys

Affected software:

Linux 2.6.x

Add new comment
Anti-Bots verification code (just write 1234):