ssh key authentication失败,查看日志是selinux禁止了sshd读取authorized_keys文件:
May 5 04:24:36 localhost dbus[704]: [system] Activating service name='org.fedoraproject.Setroubleshootd' (using servicehelper)
May 5 04:24:37 localhost dbus[704]: [system] Successfully activated service 'org.fedoraproject.Setroubleshootd'
May 5 04:24:37 localhost setroubleshoot: SELinux is preventing sshd from read access on the file authorized_keys. For complete SELinux messages run: sealert -l f2f58b71-8d62-404b-aa6e-bb044cecbdbc
May 5 04:24:37 localhost python: SELinux is preventing sshd from read access on the file authorized_keys.#012#012***** Plugin catchall_boolean (89.3 confidence) suggests ******************#012#012If you want to allow use to nfs home dirs#012Then you must tell SELinux about this by enabling the 'use_nfs_home_dirs' boolean.#012#012Do#012setsebool -P use_nfs_home_dirs 1#012#012***** Plugin catchall (11.6 confidence) suggests **************************#012#012If you believe that sshd should be allowed read access on the authorized_keys file by default.#012Then you should report this as a bug.#012You can generate a local policy module to allow this access.#012Do#012allow this access for now by executing:#012# ausearch -c 'sshd' --raw | audit2allow -M my-sshd#012# semodule -i my-sshd.pp#012
解决方法
禁掉selinux或按照提示设置一下。