Resolve "Server refused our key" when connecting to a Linux SSH server using PuTTY

Home > Search
  by

Ensure PuTTY has the correct private key:

  1. Launch PuTTY.
  2. In the left panel, expand +SSH and highlight auth. Ensure the correct private key is being used.

 

Ensure the Linux SSH server has the correct public key. In this example, we can see that the public key on Windows in Notepad++ matches the public key at /root/.ssh/authoriuzed_keys.

 

Ensure the /etc/ssh/sshd_config file has the following settings:

PermitRootLogin        without-password
PubkeyAuthentication   yes
AuthorizedKeysFile     .ssh/authorized_keys

 

Ensure the permissions and ownership of the authorized_keys file and .ssh directory are correct.

chmod 700 /root/.ssh
chmod 600 /root/.ssh/authorized_keys
chown root:root /root/.ssh
chown root:root /root/.ssh/authorized_keys

 

Ensure the SSH daemon is active and running.

[root@server1 ~]# systemctl status sshd
. . .
  Active: active (running)
. . .

 

If problems persist, view the /var/log/secure or /var/log/auth.log files. In this example, the log file has No supported authentication methods available.

[root@server1 ~]# tail /var/log/secure
. . .
No supported authentication methods available
. . .

 

SELinux may be preventing SSHD from accessing /root/.ssh/authorized_keys. To check this, set SELinux to permissive mode. Once in permissive mode, if you are able to connect, this configures SELinux is preventing SSHD from accessing /root/.ssh/authorized_keys.

[root@server1 ~]# echo 0 > /sys/fs/selinux/enforce

 

The ls -Z command can be used to view the current SELinux configuration. Notice in this example that samba_share_t is listed. This is not the expected output.

[root@server1 ~]# ls -Z /root/.ssh
-rw-------. root root system_u:object_r:samba_share_t:s0 authorized_keys

 

To configure SELinux to allow SSHD access to /root/.ssh/authorized_keys. 

[root@server1 ~]# restorecon -FRvv ~/.ssh

 

Checking the SELinux configuration, we can now see that ssh_home_t is listed.

[root@server1 ~]# ls -Z /root/.ssh
-rw-------. root root system_u:object_r:ssh_home_t:s0 authorized_keys

 

Set SELinux back to enforcing.

[root@server1 ~]# echo 1 > /sys/fs/selinux/enforce

 



Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.




Please enter in the box below so that we can be sure you are a human.




Comments