
ssh "permissions are too open" error

I had a problem with my Mac where I couldn't save any kind of file on the disk anymore. I had to reboot OS X Lion and reset the permissions on files and ACLs.

But now when I want to commit a repository I get the following error from ssh:

Permissions 0777 for '/Users/username/.ssh/id_rsa' are too open. It is recommended that your private key files are NOT accessible by others. This private key will be ignored. 

What permission levels should I give to the id_rsa file?

Yannick Schall asked Feb 14 '12 02:02


People also ask

How do I fix permissions 0644?

To overcome the error message, you will need to change the file permissions for the private key such that it is readable only by you. This will allow only your user to read (and not write and execute) the private key file and prevent everyone else from reading, writing and executing the file.

What permissions should ssh keys be?

The private key file on your local workstation (client-side) should have permissions set to 600, and the .ssh directory should have the permissions set to 700.

Are too open Id_rsa?

Permissions 0644 for 'id_rsa' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored.


1 Answer

Keys need to be only readable by you:

chmod 400 ~/.ssh/id_rsa 

If keys need to be read-writable by you:

chmod 600 ~/.ssh/id_rsa 

600 appears to be fine as well (in fact better in most cases, because you don't need to change file permissions later to edit it).

The relevant portion from the manpage (man ssh):

    ~/.ssh/id_rsa
            Contains the private key for authentication.  These files contain sensitive
            data and should be readable by the user but not
            accessible by others (read/write/execute).  ssh will simply ignore a private
            key file if it is accessible by others.  It is possible to specify a
            passphrase when generating the key which will be used to encrypt the sensitive
            part of this file using 3DES.

    ~/.ssh/identity.pub
    ~/.ssh/id_dsa.pub
    ~/.ssh/id_ecdsa.pub
    ~/.ssh/id_rsa.pub
            Contains the public key for authentication.  These files are not sensitive and
            can (but need not) be readable by anyone.
quickshiftin answered Oct 11 '22 05:10
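
The rule in the manpage excerpt above, applied to a whole key directory. This is an added example, not part of the original answer and not OpenSSH code: it flags private keys that have any group or other permission bit set and can reset them to 600, leaving `.pub` files alone. The function names are illustrative and the demo files are constructed.

```shell
#!/bin/sh
# Added example: audit private-key permissions in a directory.
# Function names are illustrative; all sample data below is constructed.

# Print a file's permission bits in octal (GNU stat first, then BSD/macOS stat).
mode_of() {
    stat -c %a "$1" 2>/dev/null || stat -f %Lp "$1"
}

# Succeed if any group/other bit is set, i.e. the file is "accessible by others".
too_open() {
    [ $(( 0$(mode_of "$1") & 077 )) -ne 0 ]
}

# Report private keys in directory $1 that are too open.
# With $2 = fix, also chmod 600 them. Returns 0 only if none were found.
audit_keys() {
    dir=$1 action=${2:-report} found=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        # Treat a file as a private key if its first line is a PRIVATE KEY header;
        # public keys (*.pub) do not match and are left untouched.
        head -n 1 "$f" 2>/dev/null | grep -q 'PRIVATE KEY-----' || continue
        if too_open "$f"; then
            found=$((found + 1))
            echo "too open: $(mode_of "$f") $f"
            if [ "$action" = fix ]; then chmod 600 "$f"; fi
        fi
    done
    [ "$found" -eq 0 ]
}

# Demo on a constructed directory (never touches the real ~/.ssh).
demo=$(mktemp -d)
printf '%s\n' '-----BEGIN OPENSSH PRIVATE KEY-----' 'constructed-not-a-real-key' > "$demo/id_rsa"
printf '%s\n' 'ssh-rsa AAAA-constructed user@host' > "$demo/id_rsa.pub"
chmod 777 "$demo/id_rsa"
chmod 644 "$demo/id_rsa.pub"
audit_keys "$demo" fix || echo "fixed: id_rsa is now $(mode_of "$demo/id_rsa")"
rm -rf "$demo"
```

Run `audit_keys ~/.ssh` to report only, or `audit_keys ~/.ssh fix` to apply the 600 mode from the answer.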