🟠 High   ⏱ 5–30 min  Last verified: 19 May 2026
Affected versions: Ubuntu 26.04 LTS

📖 ~1 min read

Table of contents
  1. Symptom & Impact
  2. Environment & Reproduction
  3. Root Cause Analysis
  4. Quick Triage
  5. Step-by-Step Diagnosis
  6. Solution – Primary Fix
  7. Solution – Alternative Approaches
  8. Verification & Acceptance Criteria
  9. Rollback Plan
  10. Prevention & Hardening
  11. Related Errors & Cross-Refs
  12. References & Further Reading

Symptom & Impact

Public key authentication fails and users are denied shell access.

Environment & Reproduction

Seen after manual file copy or home directory migration.

ssh -v user@host
sudo systemctl status ssh
ls -ld ~/.ssh

Root Cause Analysis

Loose permissions on home, .ssh, or authorized_keys cause sshd to reject keys.

Quick Triage

Check effective permissions and ownership across auth files.

namei -l ~/.ssh/authorized_keys
stat ~/.ssh ~/.ssh/authorized_keys
sudo tail -n 80 /var/log/auth.log

Step-by-Step Diagnosis

Trace server-side key acceptance and permission checks.

sudo sshd -T | grep -Ei 'pubkeyauthentication|authorizedkeysfile'
ls -la ~/.ssh
sudo journalctl -u ssh -n 100
Illustrative mockup for ubuntu-26-04-lts — terminal_or_shell
SSH permission checks — Illustrative mockup — Progressive Robot

Solution – Primary Fix

Set strict ownership and permissions, then restart SSH service.

Still having issues? Our IT Solutions & Services team can diagnose and resolve this for you. Get in touch for a free consultation.

chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
chown -R $USER:$USER ~/.ssh
sudo systemctl restart ssh
Illustrative mockup for ubuntu-26-04-lts — logs_or_journal
sshd authentication logs — Illustrative mockup — Progressive Robot

Solution – Alternative Approaches

Temporarily enable password auth during emergency recovery with strict controls.

sudoedit /etc/ssh/sshd_config
sudo sshd -t
sudo systemctl restart ssh

Verification & Acceptance Criteria

SSH key login works and auth logs show accepted public key entries.

ssh -o PreferredAuthentications=publickey user@host
sudo grep -i 'Accepted publickey' /var/log/auth.log | tail -n 5

Rollback Plan

Restore previous sshd_config and key files if hardening breaks access patterns.

sudo cp /etc/ssh/sshd_config.bak /etc/ssh/sshd_config
sudo systemctl restart ssh

Prevention & Hardening

Enforce permission checks in provisioning scripts and periodic compliance scans.

find /home -maxdepth 2 -name .ssh -type d -exec ls -ld {} ;

Related to expired keys, disabled PubkeyAuthentication, and shell restrictions.

Related tutorial: View the step-by-step tutorial for Ubuntu 26.04 LTS.

View all Ubuntu 26.04 LTS tutorials on the Tutorials Hub →

Browse all common problems & solutions on the Tutorials Hub.

References & Further Reading

Ubuntu OpenSSH server documentation and secure key management best practices.

Need Expert Help?

If you cannot resolve this yourself, our team offers hands-on Server Management, Managed IT Services, and flexible Support Plans. Contact us today — we respond within one business day.