Andreas Enge <andr...@enge.fr> writes: >> > As a consequence, we could not ssh into the machine any more >> > (!). >> I don’t see how this could happen. > > Try "chown 30000.30001 $HOME". Then ssh into the machine asks for the > passphrase instead of using the public-private key pair.
I believe this is because OpenSSH, being highly pedantic (I suppose rightfully so), will refuse to acknowledge ~/.ssh/authorized_keys when its owner or permissions are wrong. (Or even merely the permissions on $HOME?) Additionally, it's a best-practice to disable password-authentication for the root account in sshd_config (Debian 8 proposes it at least) to prevent the chance of successful brute-force/dictionary attacks. Together that would mean no root SSH access to the machine at all. Taylan
