Cannot SSH using Public Key when SSH server makes use of AuthorizedKeysCommand - Red Hat Customer Portal

Issue

Users trying to login using Public Key authentication need to enter their password in the following circumstances
- SSH server makes use of AuthorizedKeysCommand
```
# grep ^AuthorizedKeysCommand /etc/ssh/sshd_config
AuthorizedKeysCommand=/usr/bin/sss_ssh_authorizedkeys
AuthorizedKeysCommandUser=nobody
```
- Top directory for /home has been assigned to some specific group (e.g. users) instead of being owned by root:root with defaults permissions rwx:rx:rx
```
# ls -ld /home
drwxr-x---. 5 root users 1024 Dec 14 18:23 /home
```

Environment

Red Hat Enterprise Linux 7
openssh-6.4p1-8.el7 up to openssh-7.4p1-16.el7

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content

Quick Links

Help

Site Info

Related Sites

Copyright © 2024 Red Hat, Inc.

Here are the common uses of Markdown.

Code blocks

~~~
Code surrounded in tildes is easier to read
~~~

Links/URLs

[Red Hat Customer Portal](https://access.redhat.com)