Description of problem: After creating .ssh/authorized_keys in my non-root user's home directory on an enforcing installation, using ssh to log in from a user on another machine whose id_dsa.pub is contained in authorized_keys still asks for a password. I get: avc: denied { search } for pid=4036 exe=/usr/sbin/sshd name=.ssh dev=hdb1 ino=748424 scontext=system_u:system_r:sshd_t tcontext=user_u:object_r:user_home_t tclass=dir in the dmesg output, and audit2allow says: allow sshd_t user_home_t:dir { search }; Version-Release number of selected component (if applicable): openssh-3.6.1p2-33 policy-1.8-1 How reproducible: 100%
This seems to be fixed in policy-1.8-10.
If anyone has problems with authorized_keys and 'setenforce 0' "fixes" them it can also be because the .ssh/authorized_keys file is not labeled correctly. Run 'fixfiles --check' and wait a (long) while and then try again.
You can use restorecon on individual files.