Authentication refused: bad ownership or modes for file /var/git/.ssh/authorized_keys

The problem is the fact that file and directory permissions do not meet the requirements of StrictModes, which in OpenSSH is yes by default and should not be changed. Try setting the permissions of authorized_keys to 0600 and the .ssh directory to 0700.

# chmod 0700 .../.ssh/
# chmod 0600 .../.ssh/authorized_keys

Note that the ... will differ based on installation (e.g., in this question it is /var/git/ but for users it will be /home/username/.


For reasons of paranoia, the .ssh directory and authorized_keys must not be group-writable. I guess the thinking is, the user must be the only one with explicit control over his/her authorization. I believe a work-around for this lies with ACL. The other work around is StrictModes=no setting in sshd's configuration file. But it would be too dangerous to do that for the sake of one user.

P.S. your ls -l /var | grep git is more concisely done as ls -ld /var/git


The $HOME/.ssh directory mode must be 700 and authorized_keys should be readable by the owner only, i.e. mode 600:

chmod u=rwx,g=,o= /var/git/.ssh
chmod u=rw,g=,o= /var/git/.ssh/authorized_keys

As to the private key, it must be read-write-able by the owner only:

chmod u=rw,g=,o= /var/git/.ssh/id_?sa