FixPedia
LinuxHigh

Fixing SSH Permission denied Error in Linux: A Comprehensive Guide

This guide provides step-by-step instructions for diagnosing and resolving the 'Permission denied' error when connecting to a Linux server via SSH, including checking permissions and server configuration.

Updated at February 16, 2026
10-15 minutes
Medium
FixPedia Team
ΠŸΡ€ΠΈΠΌΠ΅Π½ΠΈΠΌΠΎ ΠΊ:Ubuntu 22.04CentOS 8Debian 11All modern Linux distributions

Introduction

The SSH Permission denied error occurs when attempting to connect to a Linux server via SSH, and the server denies access due to authentication or permission issues. This guide will help you diagnose and resolve the problem, restoring secure access to your server. You will learn how to check file permissions, configure the SSH daemon, and analyze logs.

Prerequisites

Before you begin, ensure you have:

  • Access to the server via console (KVM, IPMI) or an alternative method if SSH is unavailable.
  • Superuser (sudo) privileges to modify system files and restart services.
  • Basic Linux knowledge: command line usage, file editing (e.g., with nano or vim).
  • SSH client on your local machine (typically OpenSSH).

Step-by-Step Guide

Step 1: Check SSH File Permissions

Incorrect permissions on the ~/.ssh directory or authorized_keys file are a common cause. On the server, run:

ls -la ~/.ssh

Example output for correct permissions:

drwx------ 2 user user 4096 Feb 16 12:00 .
drwxr-xr-x 5 user user 4096 Feb 16 12:00 ..
-rw------- 1 user user  400 Feb 16 12:00 authorized_keys

If permissions differ, correct them:

chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
chown -R user:user ~/.ssh  # replace user with your login username

πŸ’‘ Tip: For the root user, check /root/.ssh instead of a regular user's home directory.

Step 2: Configure the SSH Server

Ensure the SSH daemon (sshd) is configured correctly. Edit the configuration file:

sudo nano /etc/ssh/sshd_config

Check or add the following parameters:

PubkeyAuthentication yes
PasswordAuthentication yes  # temporarily enable for debugging, then disable
PermitRootLogin no         # prohibit root login for security
StrictModes yes            # must be yes to check permissions

After making changes, restart the service:

sudo systemctl restart sshd    # for systemd (Ubuntu 22.04, CentOS 8, Debian 11)
# or
sudo service ssh restart      # for SysV init

Step 3: Check SELinux or AppArmor

Systems with SELinux (CentOS, RHEL, Fedora) or AppArmor (Ubuntu, Debian) may block access due to security policies.

For SELinux:

getenforce  # if output is "Enforcing", check the context
ls -Z ~/.ssh

If the context is not ssh_home_t or ssh_home_dir_t, fix it:

restorecon -R ~/.ssh

For AppArmor: It usually does not affect SSH, but check profiles:

sudo aa-status | grep ssh

If there are issues, reload the profile or temporarily disable it for testing.

Step 4: Verify Authentication Method

For public key authentication:

  • On the client, ensure the private key exists (~/.ssh/id_rsa or id_ed25519).
  • Copy the public key to the server if you haven't already: 
    ssh-copy-id user@host
    Or manually: 
    cat ~/.ssh/id_rsa.pub | ssh user@host "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"
  • Verify that ~/.ssh/authorized_keys contains one line with the key, without extra characters.

For password authentication:

  • Ensure PasswordAuthentication yes is set in sshd_config.
  • Check that the user has a password: passwd user.

Step 5: Test Connection with the -v Option

Use verbose output for diagnostics:

ssh -v user@host

If you need to specify a key or port:

ssh -i ~/.ssh/id_rsa -p 2222 -v user@host

In the output, look for lines with debug1: and Permission denied. The error usually occurs during Authenticating with public key or password. This will indicate which authentication method failed.

Verification

After completing the steps, try connecting:

ssh user@host

If the connection is successful, you will see the server's command prompt. If the error persists:

  • Check logs in real-time: 
    sudo tail -f /var/log/auth.log        # Ubuntu/Debian
sudo journalctl -u sshd -f            # systemd (CentOS 8, Ubuntu 22.04)
  • Look for entries with Failed or Permission deniedβ€”they will indicate the exact cause.

Common Issues

  • "Bad owner or permissions on ~/.ssh/authorized_keys": Set permissions to 600 on the file and 700 on the directory.
  • "Authentication refused: bad ownership or modes for directory /home/user": Check the user's home directory permissions: chmod 755 /home/user (it should not be writable by others).
  • Error when using a non-standard port: Ensure the port is open in the firewall (sudo ufw allow 2222 for Ubuntu) and specified in the ssh -p command.
  • Key not loaded into ssh-agent: If using an agent, add the key: ssh-add ~/.ssh/id_rsa.
  • SELinux in enforcing mode blocks access: Temporarily disable for testing: sudo setenforce 0, but then configure the context correctly.
  • DNS or hosts.allow/hosts.deny issues: Check if hosts.deny or a firewall is blocking access.

If the problem remains unresolved, review each step, compare with the examples in this guide, and examine the logs to pinpoint the error.

F.A.Q.

What causes the SSH Permission denied error?
How to check SSH logs for diagnostics?
Can I disable permission checks for SSH?
Why does Permission denied occur only with a public key?

Hints

Check SSH file permissions
Configure the SSH server
Check SELinux or AppArmor
Verify authentication
Test the connection with the -v option

Did this article help you solve the problem?

FixPedia

Free encyclopedia for fixing errors. Step-by-step guides for Windows, Linux, macOS and more.

Β© 2026 FixPedia. All materials are available for free.

Made with for the community