If authorized_keys exists, but has chmod 000, or .ssh has chmod 000 or 600, or for other reason it can not be read by server, then there is little clue, in the logs, what is going on. Just: debug1: trying public key file /home/userfoo/.ssh/authorized_keys debug1: restore_uid: 0/0 Admin should be informed that there was some problem accessing authorized_keys (other then not-existing file).
Also in Ubuntu https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/505301
Created attachment 1771 [details] More log/debug about why authorized_keys could not be used This will provide more information. On DebugLevel INFO it will only inform when there was I/O error when accessing existing .ssh/authorized_keys file (like, 000 permitions etc) On DEBUG3 it will also inform if the file simply was not existing to make full log clear about this.
The keyfile not existing is not unusual (it's the default state) and is probably not worth mentioning. Adding a debug message for the rest seems reasonable as long as we don't editorialize too much.
Created attachment 1772 [details] ssh-pubkey-debug.patch Output a debug if we can't open an existing keyfile.
Patch #1772 has been applied and will be in the 5.4 release. Thanks for the report.
With the release of 5.4p1, this bug is now considered closed.