/etc/ssh/sshd_config
and set log level:
LogLevel DEBUG3
Then try to authenticate, and when it fails, look for log file:
/var/log/secure
LogLevel
is defined in /etc/ssh/sshd_config
. The default log is/var/log/auth.log
unless defined otherwise in sshd_config
It sounds like you are attempting to add a users key into root’s authorized_keys
file instead of the users authorized_keys
file.
Just to clarify:
roots key should be in /root/.ssh/authorized_keys
users key should be in /home/USERNAME/.ssh/authorized_keys
It is possible to store the keys in /etc/ssh as you suggested, but not in the way that you are doing it. This is generally done when the users home directory is encrypted. In order for this to work, you need to make sure the following is done:
# mkdir /etc/ssh/USERNAME
# chmod 755 /etc/ssh/USERNAME
# chown USERNAME /etc/ssh/USERNAME
# touch /etc/ssh/USERNAME/authorized_keys
# chmod 644 /etc/ssh/USERNAME/authorized_keys
# chown USERNAME /etc/ssh/USERNAME/authorized_keys
# cat /home/USERNAME/.ssh/authorized_keys > /etc/ssh/USERNAME/authorized_keys
# echo "AuthorizedKeysFile /etc/ssh/%u/authorized_keys" >> /etc/ssh/sshd_config
Note: You might want to actually edit /etc/ssh/sshd_config instead of just appending to the end, as it is possible that you already have an AuthorizedKeysFile
set.