ssh permissions



Set up your client

  1. Generate your key.

  2. Configure ssh to use the key.

    vim ~/.ssh/config

    Your config file should have something similar to the following:

    Hostname ip-or-domain-of-server
    PubKeyAuthentication yes
    IdentityFile ./path/to/key

    You can add IdentitiesOnly yes to ensure ssh uses the specified IdentityFile and no other keyfiles during authentication. Setting IdentitiesOnly prevents failed authentications from occurring, when ssh would otherwise attempt to login with multiple keys. Setting this is also considered more secure, as you're not leaking information about other keys you have installed, and maintaining separation of your keys between different levels of access.

  3. Copy your key to your server.

    ssh-copy-id -i /path/to/ SERVERNAME`

    For example, ssh-copy-id -i ~/.ssh/ -p 22 user@


  1. use "-vvv" option

  2. Make sure the server has your PUBLIC key (.pub).

  3. Make sure your IdentiyFile points to your PRIVATE key.

  4. Make sure your


    directory has 700 and the files within are 600 permissions.

    • ssh-keygen will create files and directories for you with the proper permissions
  5. tail -f /var/log/auth.log (on the server) and monitor errors when you attempt to login

  6. If you have many key files, try IdentitiesOnly yes to limit the authentication to use the single, specified key.



Improve this answer


edited Apr 2, 2022 at 2:20

matigo's user avatar


20.6k77 gold badges4444 silver badges7171 bronze badges

answered Jun 23, 2013 at 21:04

earthmeLon's user avatar


11.1k11 gold badge3636 silver badges6060 bronze badges

Scroll to Top