After I changed the HOME folder to another place, I copied the ssh config folder from old HOME to the new place. Supposedly it should directly work, right? However, when I login the server with my private key, the server said: "Server Refused Our Key"...
I spent some time to figure out the problem: new HOME folder access mode issue, it SHOULD NOT have write access for group.
Firstly, I think the server sshd uses wrong config: OLDHOME/.ssh/. However, NEWHOME/.ssh/ contains same files, either one should work.
Check the server error log:
~$: tail /var/log/auth.log ... Mar 28 17:08:43 DEAN sshd: Authentication refused: bad ownership or modes for directory NEWHOME
The message clearly points out the issue, then I google this message
and found that, by default, ssh
StrictModes option is on,
and it requires the HOME folder not have group write access. Besides,
the .ssh/ foler should be 700, the authorized_keys file should be
chmod g-w /home/user/ chmod 700 /home/user/.ssh/ chmod 600 /home/user/.ssh/authorized_keys
Or you can switch StrictModes off, but highly not recommended to do so. Because the StrictModes prevents other users modify your .ssh/ to illegally login.
Finally the login success message appears:
Using username "X". Authenticating with public key "rsa-key" Welcome to Ubuntu 18.04.3 LTS