02-Mar-2018 12:36
I have a situation where a couple of guests are prompting a server for a password. These guests have the correct key in /.ssh/authorized_keys; other guests with identical authorized_keys do not prompt the server for a password.
Rebooting the guests did not fix the issue. I am able to authenticate with my cert/key no problem.
22-Feb-2023 10:56 - edited 22-Feb-2023 11:03
Check permissions and contexts on the files in .ssh. This won't work:
# ls -lZ
lrwxrwxrwx. root webusers system_u:object_r:unlabeled_t:s0 authorized_keys -> /var/ssh/root/authorized_keys
lrwxrwxrwx. root webusers system_u:object_r:unlabeled_t:s0 identity -> /var/ssh/root/identity
lrwxrwxrwx. root webusers system_u:object_r:unlabeled_t:s0 identity.pub -> /var/ssh/root/identity.pub
lrwxrwxrwx. root webusers system_u:object_r:unlabeled_t:s0 known_hosts -> /var/ssh/root/known_hosts
but this will:
# ls -lZ
lrwxrwxrwx. root root unconfined_u:object_r:ssh_home_t:s0 authorized_keys -> /var/ssh/root/authorized_keys
lrwxrwxrwx. root root unconfined_u:object_r:ssh_home_t:s0 identity -> /var/ssh/root/identity
lrwxrwxrwx. root root unconfined_u:object_r:ssh_home_t:s0 identity.pub -> /var/ssh/root/identity.pub
lrwxrwxrwx. root root unconfined_u:object_r:ssh_home_t:s0 known_hosts -> /var/ssh/root/known_hosts