I ran into a fairly niche issue that may solve issues that others may have, but haven't been able to solve; when following all the normal tips troubleshooting SSH public key issues.
System:
If you are using NFS home directory mounts, there is a SELinux setting that you need to have enabled to allow SSH with public keys.
The command to enable this is as follows:
setsebool -P use_nfs_home_dirs 1
This change with persist, so no worries about having to do this every time on restart.
Without enabling this setting in SELinux when you SSH the command will not be given access to read the authorized_keys
file resulting in a public key authentication failure.
An easy was to view this issue is to run journalctl -f
on the server and then attempt to SSH using public keys. You will see an error saying SELinux is preventing /usr/sbin/sshd from reading ~/.ssh/authorized_keys
.
I hope this saves someone the headache I had.
The command to enable NFS home directories: setsebool -P use_nfs_home_dirs 1