For example, I think I know what I'm doing, yet sti still requires a password after I get what looks like a positive insertion of an authorized_key... user@betlognuc:~$ ssh-copy-id -i ~/.ssh/ root@recalbox /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@recalbox's password: Number of key(s) added: 1 Now try logging into the machine, with:   "ssh 'root@recalbox'" and check to make sure that only the key(s) you wanted were added. user@betlognuc:~$ ssh root@recalbox root@recalbox's password: # cd .ssh # ls -al total 12 drwx------    2 root     root          4096 Jul 13 06:07 . drwxr-xr-x   15 avahi    avahi         4096 Jul 13 06:07 .. -rw-------    1 root     root          2809 Jul 13 06:07 authorized_keys # cat authorized_keys ssh-rsa **** yep, it's there*** buuuut.... # shutdown -r now Broadcast message from root@RECALBOX (pts/0) (Wed Jul 13 06:09:31 2016): The system is going down for reboot NOW! # Write failed: Broken pipe user@betlognuc:~$ user@betlognuc:~$ ssh root@pilan root@pilan's password: still asks for the password... and the whole idea of adding the pubkey is so it doesn't. What am I missing here?