Server's operating system: CentOS 6.6

I want to make a password-free login for a non-root user, named otheruser. The steps I followed are below:

I. Generating the public and private key on the server:

[otheruser@localhost ~]# ssh-keygen -t rsa

I accept the default setting, and then rename .ssh/id_rsa.pub to authorized_keys

[otheruser@localhost ~/.ssh]# cp id_rsa.pub authorized_keys
[otheruser@localhost ~/.ssh]# ls -al ~
drwx------  2 otheruser otheruser 4096 May 13 06:50 .ssh
[otheruser@localhost ~/.ssh]# ls -al ~/.ssh
drwx------  2 otheruser otheruser 4096 May 13 06:50 .
drwxrwxr--. 4 otheruser otheruser 4096 May  9 07:23 ..
-rw-------  1 otheruser otheruser  412 May 13 06:50 authorized_keys
-rw-------  1 otheruser otheruser 1675 May 13 06:48 id_rsa
-rw-------  1 otheruser otheruser  412 May 13 06:48 id_rsa.pub

Note that the permission of /home/otheruser/.ssh is 700, and the permission of /home/otheruser/.ssh/authorized_keys is 600; both belong to user otheruser and group otheruser.

II. Modifying /etc/ssh/sshd_config

Add the configuration:

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile    .ssh/authorized_keys
AllowUsers otheruser

Reboot the sshd service:

[root@localhost ~]# service sshd restart
Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]

I copied the private key from the server to my local machine, and then tried to ssh to the server:

ssh -i id_rsa otheruser@192.168.1.101

But I received a Permission denied prompt:

Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).

And the record in /var/log/secure was:

May 12 07:07:08 localhost sshd[1230]: Connection closed by 192.168.1.1
May 12 07:07:14 localhost sshd[1231]: Authentication refused: bad ownership or modes for directory /home/otheruser

I have no idea what the problem is. Can someone help me please QAQ

1 Answer

Oh, I solved my problem by referring to this link: https://stackoverflow.com/a/35385148/8005570

What I did was change the owner mode of /home/otheruser

[root@localhost ~]# chmod go-w /home/otheruser

But I still don't understand the reason that causes this problem.
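
The log line in the question and the `chmod go-w` fix both point at sshd's StrictModes check (enabled by default), which refuses a key when the key file or any directory from it up to the home directory is writable by group or others, or is owned by someone other than the user or root; the question's listing shows the home directory (`..`) as `drwxrwxr--`. The Python sketch below is an added example, not part of the original posts and not OpenSSH's own code: it models that check and runs it on a constructed temporary copy of the question's layout, and the function names are hypothetical.

```python
import os
import stat
import tempfile


def strictmodes_problems(key_file, home, uid):
    """List (path, reason) pairs that fail an ownership/mode check modelled on
    sshd's StrictModes: the key file and every directory from it up to the
    home directory must be owned by the user or root and must not be
    writable by group or others."""
    problems = []
    path, home = os.path.realpath(key_file), os.path.realpath(home)
    while True:
        st = os.stat(path)
        mode = stat.S_IMODE(st.st_mode)
        if st.st_uid not in (0, uid):
            problems.append((path, "owned by uid %d" % st.st_uid))
        if mode & 0o022:
            problems.append((path, "writable by group or others (mode %o)" % mode))
        parent = os.path.dirname(path)
        if path == home or parent == path:  # stop at the home directory or at /
            return problems
        path = parent


def demo():
    """Rebuild the question's layout in a temporary directory (constructed
    sample) and check it before and after the equivalent of chmod go-w."""
    with tempfile.TemporaryDirectory() as tmp:
        home = os.path.join(tmp, "otheruser")
        ssh_dir = os.path.join(home, ".ssh")
        key_file = os.path.join(ssh_dir, "authorized_keys")
        os.makedirs(ssh_dir)
        with open(key_file, "w") as f:
            f.write("ssh-rsa AAAA-constructed-key otheruser@localhost\n")
        os.chmod(key_file, 0o600)
        os.chmod(ssh_dir, 0o700)
        os.chmod(home, 0o774)  # drwxrwxr-- as in the question's listing
        before = strictmodes_problems(key_file, home, os.getuid())
        os.chmod(home, 0o774 & ~0o022)  # same effect as chmod go-w
        after = strictmodes_problems(key_file, home, os.getuid())
        return before, after


if __name__ == "__main__":
    before, after = demo()
    print("before chmod go-w:", before)
    print("after  chmod go-w:", after)
```

On a real server the same function can be pointed at `/home/otheruser/.ssh/authorized_keys` with the account's uid to see which path sshd would object to.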
