Hi, I made the changes as instructed but for some reason both Putty and Filezilla refuse access due to invalid public key. I log in Putty and Filezilla using root’s SSH keys without problem, so it’s strange why it’s not accepting username although the authorized keys are the same.

I also notice that X11Forwarding is set as Yes by default in /etc/ssh/sshd_config. Should I disable that line first (by commenting it #) before inserting the codes you suggested? Or are those 2 X11Forwarding lines independent to each other, since the no one is within Match User username? BTW, are all the commands below Match User username independent from the rest of the commands in sshd_config? Thanks again!!

/var/log/auth.log might give you a better idea of what the problem might be. It’s likely you need to change the ownership of the /var/www/website.com/html directory.

Everything under the Match User block is independent and only applies to that user.

Thank you for the Match User clarification! Always learn something new :)

I’m still can’t log in after starting over from scratch (via restored snapshot). This is what /var/log/auth.log says:

Sep 13 20:35:38 MyAccount sshd[1730]: error: Could not load host key: /etc/ssh/ssh_host_ed25519_key
Sep 13 20:35:39 MyAccount sshd[1730]: error: Received disconnect from 11.11.11.111: 11: No supported authentication methods available [preauth]
Sep 13 20:36:07 MyAccount sshd[1732]: error: Could not load host key: /etc/ssh/ssh_host_ed25519_key
Sep 13 20:36:08 MyAccount sshd[1732]: Accepted publickey for root from 11.11.11.111 port 64054 ssh2: RSA 24:4a:c5:78:22:f7:36:99:bc:5a:9f:1a:ae:87:68:f7
Sep 13 20:36:23 MyAccount sshd[1735]: error: Could not load host key: /etc/ssh/ssh_host_ed25519_key
Sep 13 20:36:24 MyAccount sshd[1735]: Accepted publickey for root from 11.11.11.111 port 64056 ssh2: RSA 24:4a:c5:78:22:f7:36:99:bc:5a:9f:1a:ae:87:68:f7

BTW, the port I use to log via Putty is not 64056. Maybe that’s the culprit? I don’t know how that number came up. Also, my key bits is 2048, not 1024. Would that be the cause of the problem, too?

This is my current /etc/nginx/sites-available/default:

server {
    listen 80;
    server_name website.com;
    return 301 $scheme://www.website.com$request_uri;
}

server {
    listen 80 default_server;
    listen [::]:80 default_server ipv6only=on;

    root /var/www/website.com/html;
    index index.php index.html index.htm;

    server_name www.website.com;

    location ~* .(jpg|jpeg|png|gif|ico|css|js)$ {
        expires 365d;
    }

    location / {
        try_files $uri $uri/ =404;
    }

    error_page 404 /404.html;

    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
        root /usr/share/nginx/html;
    }

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
    }

}

And this is my current /etc/ssh/sshd_config:

#not port 22
Port 12345
Protocol 2

HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key

UsePrivilegeSeparation yes

KeyRegenerationInterval 3600
ServerKeyBits 1024

SyslogFacility AUTH
LogLevel INFO

LoginGraceTime 120
PermitRootLogin without-password
StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes

IgnoreRhosts yes
RhostsRSAAuthentication no
HostbasedAuthentication no

PermitEmptyPasswords no

ChallengeResponseAuthentication no

PasswordAuthentication no

X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes

AcceptEnv LANG LC_*

Subsystem sftp /usr/lib/openssh/sftp-server

UsePAM no

UseDNS no
AllowUsers root username

Match User username
    ChrootDirectory /var/www/website.com/html
    AllowTCPForwarding no
    X11Forwarding no
    ForceCommand internal-sftp

I also transferred ownership to the folder by using this code (via this tutorial):

sudo chown -R $USER:$USER /var/www/website.com/html

Any help is appreciated! Thanks again!