Recently came across a problem with one system authentication to another via ssh.
I added the public ssh key to ~/.ssh/authorized_keys entry. Changed ownership to the proper user and also
chmod 600 ~/.ssh/authorized_keys. Still no dice.
ssh -vvvv the following error returned on pubkey authentication:
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_0' not found
Well, that is pretty non-specific.
Since permission problems are the number one issue I have with getting ssh authentication working, and how I thought I set permissions right, my mind then wondered if SELinux permissions were causing a problem. Most providers disable SELinux right off the bat because of the ‘problems’ it causes, but some don’t. It turned out, this one has
SELINUX=enforcing. So, let’s fix the SELinux permissions:
/sbin/restorecon -r /root/.ssh
This sets the context as follows:
# ls -Z authorized_keys
-rw-------. root root unconfined_u:object_r:ssh_home_t:s0 authorized_keys
SSH should now authenticate.