Situation
Trying to ssh to remote computer but remote computer asks for a password.
A ssh-copy-id has been done and there is a key in the local folder /home/user/.ssh/authorized_keys.
The local .ssh folder is chmod 700 and all files within are chmod 600.
Resolution alternatives
Alternative 1
Ssh-copy-id creates the authorized keys files it creates it with the proper permissions, but with the wrong SELinux label.
The fix for this is restoring the labels to their policy defaults using this command:
# restorecon -R ~/.ssh
Alternative 2
Temporary disable selinux
Do this as root on the CLI.
# setenforce 0
Permanently disable selinux
Edit /etc/selinux/config. Save and reboot computer to finalize change.
Change the following line
SELINUX=enforcing
to
SELINUX=disabled
Alternative 3
Start a ssh daemon on another port in debug mode, it will tell you immediately why the key is being rejected.
Wild guess; your home directory is group writable.
Firewall on remote computer may have to be temporarily disabled. See How to configure firewalld on CentOS 7 for more info.
On remote computer:
# /usr/sbin/sshd -d -p 2222
On local computer:
# ssh -p 2222 user@remotehost
Error message on remote computer:
... Authentication refused: bad ownership or modes for file /home/user/.ssh/authorized_keys ...
Fix: remove write permission on user's homefolder for group, ie set octal permissions to 750 for folder /home/user.
