User can't SSH but root can

patrick_alv · April 25, 2025, 7:07am

Hello.

Can anyone help?

I’m having a problem logging in to my VPS using my main user. For now, I have to use root first every time and then change to the ‘patrick’ username.

I want my access to be more secure by only allowing specific users to access SSH and keeping root hidden.

But each time I SSH using ‘patrick’, this error appears:
Permission denied (publickey, gssapi-keyex, gssapi-with-mic).

I already copied root’s authorized_keys to /home/patrick/.ssh/authorized_keys, but still nothing. My user is already added to the wheel group. I also added ‘AllowUsers root patrick’ to sshd_config.

Is something missing?

jlehtone · April 25, 2025, 7:30am

What that implies is that the use of /home/patrick/.ssh/authorized_keys fails.

What are the permissions, etc of the dir and file?
I have:

$ ls -ld .ssh
drwx------. 3 jlehtone jlehtone 10 Apr 22 10:52 .ssh
$ ls -dZ .ssh
unconfined_u:object_r:ssh_home_t:s0 .ssh
$ ls -l .ssh/authorized_keys
-rw-------. 1 jlehtone jlehtone 409 Feb  2  2023 .ssh/authorized_keys
$ ls -Z .ssh/authorized_keys
unconfined_u:object_r:ssh_home_t:s0 .ssh/authorized_keys

At least

chmod 700 /home/patrick/.ssh
chmod 600 /home/patrick/.ssh/authorized_keys
chown -Rv patrick:patrick /home/patrick/.ssh

patrick_alv · April 25, 2025, 8:33am

Thank you, jlehtone.

It turns out the authorized_keys were still owned by the root user. After I copied it, I must have forgotten to change its ownership.

This solved it.


sudo chown -Rv patrick:patrick /home/patrick/.ssh

Once again, thank you.