A systems administrator is troubleshooting a remote access issue for a developer on a newly deployed Linux server. The developer is attempting to connect via SSH using key-based authentication but receives a Permission denied (publickey) error. The administrator has verified the following:
The developer's public key is correctly appended to the user's ~/.ssh/authorized_keys file.
The sshd service is active and running.
A firewall is not blocking the connection.
Which of the following is the most likely reason for the authentication failure?
The AllowUsers directive in /etc/ssh/sshd_config does not include the developer's username.
The SELinux context for the ~/.ssh/authorized_keys file is incorrect.
The developer's user account on the server has been locked or has expired.
The permissions for the user's home directory, ~/.ssh directory, or authorized_keys file are too permissive.
The correct answer is that the permissions are too permissive. The OpenSSH daemon (sshd) requires strict permissions for security reasons. It will not use the authorized_keys file if its parent directories or the file itself have permissions that are too open (e.g., writable by group or others). The ~/.ssh directory should have 700 (drwx------) permissions, and the authorized_keys file should have 600 (-rw-------) permissions. The user's home directory should also not be writable by others.
An incorrect SELinux context can cause this issue, but checking file permissions is a more common initial troubleshooting step.
If the AllowUsers directive was preventing the login, the server logs would typically indicate a denied user, and this configuration is less common than permission misconfigurations.
A locked or expired account is a valid reason for login failure, but it often produces a different error message in the server logs, such as 'account is locked' or 'access denied'.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why are strict permissions required for SSH key-based authentication?
Open an interactive chat with Bash
How can you verify and fix permissions for the `.ssh` directory and `authorized_keys` file?
Open an interactive chat with Bash
How can server logs help diagnose SSH authentication issues?
Open an interactive chat with Bash
CompTIA Linux+ XK0-006 (V8)
Troubleshooting
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access