SELinux prevents SSH logins - setcon failed with Permission denied

Solution Verified - Updated -

Issue

  • Unable to login to a host using SSH when SELinux mode switched to Enforcing
  • Messages similar to the following appear in /var/log/secure:

    Oct  4 08:11:57 hostname sshd[xxxx]: ssh_selinux_change_context: setcon system_u:system_r:sshd_net_t:s0 from system_u:system_r:kernel_t:s0 failed with Permission denied [preauth]
    Oct  4 08:12:04 hostname sshd[xxxx]: Accepted password for <username> from <IP address> port <number> ssh2
    Oct  4 08:12:05 hostname sshd[xxxx]: pam_unix(sshd:session): session opened for user <username> by (uid=0)
    Oct  4 08:12:05 hostname sshd[xxxx]: sshd_selinux_copy_context: setcon failed with Permission denied
    Oct  4 08:12:05 hostname sshd[xxxx]: pam_unix(sshd:session): session closed for user <username>
    

Environment

  • Red Hat Enterprise Linux 7
  • SELinux in Enforcing mode

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content