On a good server SCP was used to retrieve a remote compressed file. This was saved to the root directory.
Thereafter key based authentication stopped working. But this wasn’t obvious, because instead of just logging on, the remote system was prompting for a password. Many attempts to recopy the key didn’t work.
In the end our friend was tail -f /var/log/auth.log
This showed:
Authentication refused: bad ownership or modes for directory /root
A simple ls -la showed the /root was suddenly not owned by root anymore, but by the file that was copied.
We used chown root:root /root -R to fix the problem. Disclaimer: Only use this command if you know what you are doing.