Background
I ran into an issue with SSH login without a password. I had set up the passwordless SSH login for several uses; however, one user refused to work. After setting up SSH Login Without a Password I was still prompted for a password. The first step was to determine why I was still being challenged for a password and to do this I needed to enable DEBUG output for SSH on the server to see what was going on.
Details
The first step to solving this issue was to turn DEBUG on for SSH. I went into /etc/ssh/sshd_config and changed LogLevel from INFO to DEBUG (make sure you change this back when finished to avoid extemporaneous log messages). After turning log mode on I found the problem was “SSH Authentication refused: bad ownership or modes for directory”.
The solution: Apparently SSH does not like your home or ~/.ssh directory to have group write permissions. If you run across a “SSH Authentication refused: bad ownership or modes for directory” error message, make sure that the remote home directory does not have write permissions set for the group. Also ensure the remote .ssh directory is 700 and the remote .ssh/authorized_key and/or .ssh/authorized_key are 600.
After setting the directory permissions as above a logout and new login proved to solve the problem.
Notes
- this guide uses a Debian based distro; however, the information should be relevant to any linux distro.
