Ensure PuTTY has the correct private key:
Ensure the Linux SSH server has the correct public key. In this example, we can see that the public key on Windows in Notepad++ matches the public key at /root/.ssh/authoriuzed_keys.
Ensure the /etc/ssh/sshd_config file has the following settings:
PermitRootLogin without-password PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys
Ensure the permissions and ownership of the authorized_keys file and .ssh directory are correct.
chmod 700 /root/.ssh chmod 600 /root/.ssh/authorized_keys chown root:root /root/.ssh chown root:root /root/.ssh/authorized_keys
The ps command can be used to determine if your system is using init or systemd. If PID 1 is init, then you will use the service command. If PID 1 is systemd, then you will use the systemctl command.
If your system is using systemd, use the systemctl command to ensure sshd is running.
systemctl status sshd
If your system is using init, use the service command to ensure sshd is running.
service sshd status
If problems persist, view the /var/log/secure or /var/log/auth.log files. In this example, the log file has No supported authentication methods available.
[root@server1 ~]# tail /var/log/secure . . . No supported authentication methods available . . .
SELinux may be preventing SSHD from accessing /root/.ssh/authorized_keys. To check this, set SELinux to permissive mode. Once in permissive mode, if you are able to connect, this configures SELinux is preventing SSHD from accessing /root/.ssh/authorized_keys.
[root@server1 ~]# echo 0 > /sys/fs/selinux/enforce
The ls -Z command can be used to view the current SELinux configuration. Notice in this example that samba_share_t is listed. This is not the expected output.
[root@server1 ~]# ls -Z /root/.ssh -rw-------. root root system_u:object_r:samba_share_t:s0 authorized_keys
To configure SELinux to allow SSHD access to /root/.ssh/authorized_keys.
[root@server1 ~]# restorecon -FRvv ~/.ssh
Checking the SELinux configuration, we can now see that ssh_home_t is listed.
[root@server1 ~]# ls -Z /root/.ssh -rw-------. root root system_u:object_r:ssh_home_t:s0 authorized_keys
Set SELinux back to enforcing.
[root@server1 ~]# echo 1 > /sys/fs/selinux/enforce