SSH Authentication on Linux

December 3, 2011 · Posted in Development 

Here is a step-by-step explanation how to configure Linux server to be accessible over SSH.

1. Setup public/private keys for your user.

On server:

- Login to server as your user

- Go to home folder: cd ~/

- Generate the keys:

ssh-keygen -t rsa

Accept the file names it wants to use (must be stored at /home/myuser/.ssh/)

Don’t enter a passphrase (just enter). You will want to redo do this with a passphrase later.

- add the pub key to the authorized_keys file:

cat > authorized_keys

- Set permissions on your ~/.ssh folder: chmod 700 ~/.ssh
- Set permissions on your ~/.ssh/authorized_keys: chmod 600 ~/.ssh/authorized_keys


Locally (on Windows):

- Copy id_rsa and files from the server to your local hard drive (use winscp or sftp or some such tool) and save them to c:\users\userName\.ssh directory (for Windows 7)

- convert the keys to the format that putty understands.

To do this run puttygen.exe and load your private key copied from the server.

Save your private key (id_rsa.ppk) to your local hard drive  – for example, save to c:\users\username\.ssh\id_rsa.ppk.


1b. Another another way to generate public/private keys: generate keys locally using puttygen.exe and copy public key to the Linux server.


  1. Run puttygen.exe
  2. Generate a key pair
  3. Save private and public keys to your local hard drive (usually in folder c:\Users\USERNAME\.ssh\): mykey.ppk,
  4. Check that your public key does not have comments in text and it has one line of text starting with “ssh-rsa”.

You may need to remove these lines:

at the beginning:”—- BEGIN SSH2 PUBLIC KEY —- Comment:”

and at the end: “—- END SSH2 PUBLIC KEY —- “.


On server:

  1. Public key should be kept on the server.  Copy your public key file ( to the server to ~/.ssh/
  2. Run these commands on the server:
chmod 700 ~/.ssh
cd ~/.ssh/
cat > ~/.ssh/authorized_keys
chmod 600 authorized_keys


2. Configure sshd server

- edit /etc/ssh/sshd_config and add the line

PubkeyAuthentication yes

- restart the sshd daemon:

sudo /etc/init.d/ssh restart


3. Access Linux server from Windows using SSH

- run putty and specify your *.ppk

Now you must be able to access Linux server.


Problems with SSH Authentication

If you get errors like ‘Access denied’ while accessing the server then you can view log file to find possible problems:



Error: SSH Authentication refused: bad ownership or modes for directory /home/user

If you got this error in your log file “SSH Authentication refused: bad ownership or modes for directory /home/user” then read below about two options to fix this problem.


SSH doesn’t like it if your home or ~/.ssh directories have group write permissions.

Your home directory should be writable only by owner (you), ~/.ssh should be 700, and authorized_keys should be 600:

chmod g-w /home/myuser
chmod 700 /home/myuser/.ssh
chmod 600 /home/myuser/.ssh/authorized_keys

or another solution to fix it is to change this option in ssh config (/etc/ssh/sshd_config):

StrictModes no


  • Setting up and using Git on Windows and Ubuntu : Max Ivak Personal Site

    [...] Read more how to setup and troubleshoot SSH authentication in my article. [...]