ssh permissions are too open error

Question

I had a problem with my mac where I couldn t save any kind of file on the disk anymore  I had to reboot OSX lion and reset the permissions on files and acls   But now when I want to commit a repository I get the following error from ssh   Permissions 0777 for   Users username  ssh id rsa  are too open  It is recommended that your private key files are NOT accessible by others  This private key will be ignored    What permissions levels should i give to the id rsa file

User · Answer

For windows users Only  Goto file property -- gt  security -- gt  advanced  Disable inheritance property Convert Inherited Permissions Into Explicit Permissions  Remove all the permission entries except the Administrators

User · Answer

There is one exception to the  0x00  permissions requirement on a key  If the key is owned by root and group-owned by a group with users in it  then it can be  0440  and any user in that group can use the key   I believe this will work with any permissions in the set  0xx0  but I haven t tested every combination with every version  I have tried 0660 with 5 3p1-84 on CentOS 6  and the group not the primary group of the user but a secondary group  and it works fine   This would typically not be done for someone s personal key  but for a key used for automation  in a situation where you don t want the application to be able to mess with the key   Similar rules apply to the  ssh directory restrictions

User · Answer

AFAIK the values are   700  for the hidden directory   ssh  where key file is located  600  for the keyfile  id rsa

User · Answer

what worked for me     chgrp Users FOLDER      chmod 600 FOLDER

User · Answer

This is what worked for me  on mac   sudo chmod 600 path to your key pem    then    ssh -i path to your key user server ip   Hope it help

User · Answer

In my case  I was trying to connect from the Ubuntu app in Windows 10 and got the error above  It could be resolved without any permission changes by running sudo su in the Ubuntu console prior to the actual command

User · Answer

Interesting message here  Operating Systems are smart enough to deny remote connections if your private key is too open  It understands the risk where permissions for id rsa is wide open  read  is editable by anyone     One may change your lock first and then open it with the keys he already has   cd    ssh chmod 400 id rsa   While working on the multiple servers  non-production   most of us feel need to connect remote server with ssh  A good idea is to have a piece of application level code  may be java using jsch  to create ssh trusts between servers  This way connection will be password-less  Incase  perl is installed - one may use net ssh module too

User · Answer

As people have said  in Windows  I just dropped my pem file in C  Users user  ssh  and that solved it   Although you can do chmod and other command line options from a bash or powershell prompt that didn t work   I didn t change rsa or anything else   Then when running the connection you have to put the path to the pem file in the  ssh folder  ssh -i  quot C  Users user  ssh ubuntukp01 pem quot  ubuntu ec ipaddress  us-west-2 compute amazonaws com

User · Answer

I am using VPC on EC2 and was getting the same error messages  I noticed I was using the public DNS  I changed that to the private DNS and vola   it worked

User · Answer

Windows 10 ssh into Ubuntu EC2    permissions are too open    error on AWS I had this issue trying to ssh into an Ubuntu EC2 instance using the  pem file from AWS  In windows this worked when I put this key in a folder created under the  ssh folder C  Users USERNAME  ssh private key  To change permission settings in Windows 10    File Settings  gt  Security  gt  Advanced Disable inheritance Convert Inherited Permissions Into Explicit Permissions Remove all the permission entries except for Administrators  Could then connect securely

User · Answer

The other trick is to do that on the downloads folder  After you download the private key from AWS EC2 instance  the file will be in this folder then simply type the command  ssh-keygen -y -f myprivateKey pem  gt  mypublicKey pub

User · Answer

provide 400 permission  execute below command    chmod 400  Users username  ssh id rsa

User · Answer

On Windows 10  cygwin s chmod and chgrp weren t enough for me  I had to right click on the file -  Properties -  Security  tab  and remove all users and groups except for my active user

User · Answer

For me  using the Ubuntu Subsystem for Windows  the error message changed to    Permissions 0555 for  key pem  are too open   after using chmod 400  It turns out that using root as a default user was the reason   Change this using the cmd    ubuntu config --default-user your username

User · Answer

I have got the similar issue when i was trying to login to remote ftp server using public keys           To solve this issue initially i have done the following process        First find the location of the public keys because when you try to login to ftp using this public key  first we need to create a key and we set to set that keys permissions to 600              Make sure you are in correct location              step1              go the correct location             step2              After you are in right location  command        chmod 600 id rsa                   This has solved my issue

User · Answer

For Windows 10 this is what I ve found works for me   Move your key to the Linux file system  mv    ssh  home  username  Set the permission on that key  chmod 700  home  username   ssh id rsa Create a symbolic link to the key  ln -s  home  username   ssh    ssh  This happens if you have set your home directory     to be stored in Windows instead of Linux  under  mnt  vs  home

User · Answer

I keep all my own certificates and keys in one directory  and this works for tools like PuTTY  but I got this  quot too open quot  error message from the scp command  I discovered that Windows already maintains a C  users ACCOUNTNAME  ssh folder having the proper access rights for storing SSH keys  So long as you keep the contents backed up  Windows sometimes deletes it during updates   or create your own folder for ssh keys in your user folder  this will work fine  as only you and the administrators have access to that parent folder  Be very careful about changing access rights on Windows folders  I did this  and once a day Windows is scanning  reading  and writing all the files on my C  drive  a process that slows the computer for many minutes

User · Answer

Type this command to resolve your issue  chmod 600    ssh id rsa

User · Answer

for Win10 need move your key to user s home dir for linuxlike os you need to chmod to 700 like or 600 etc

User · Answer

I ve got the error in my windows 10 so I set permission as the following and it works     In details  remove other users groups until it has only  SYSTEM  and  Administrators   Then add your windows login into it with Read permission only   Note the id rsa file is under the c  users  lt username gt  folder

User · Answer

I tried 600 level of permission for my private key and it worked for me  chmod 600 privateKey   dev   ssh -i privateKey user ip worked  chmod 755 privateKey   dev   ssh -i privateKey user ip it was giving below issue  Permissions 0755 for  privateKey  are too open  It is required that your private key files are NOT accessible by others  This private key will be ignored  Load key  privateKey   bad permissions

User · Answer

I got same issue after migration from another mac   And it blocked to connect github by my key   I reset permission as below and it works well now   chmod 700    ssh        drwx------  cd    ssh             chmod 644   pub         -rw-r--r--  chmod 600 id rsa        -rw-------

User · Answer

Keys need to be only readable by you   chmod 400    ssh id rsa   If Keys need to be read-writable by you   chmod 600    ssh id rsa   600 appears to be fine as well  in fact better in most cases  because you don t need to change file permissions later to edit it    The relevant portion from the manpage  man ssh        ssh id rsa          Contains the private key for authentication   These files contain sensitive           data and should be readable by the user but not          accessible by others  read write execute    ssh will simply ignore a private           key file if it is                        accessible by others   It is possible to specify a          passphrase when generating the key which will be used to encrypt the sensitive           part of this file using 3DES       ssh identity pub     ssh id dsa pub     ssh id ecdsa pub     ssh id rsa pub          Contains the public key for authentication   These files are not sensitive and           can  but need not  be readable by anyone

User · Answer

I have came across with this error while I was playing with Ansible  I have changed the permissions of the private key to 600 in order to solve this problem  And it worked   chmod 600  vagrant machines default virtualbox private key

User · Answer

0600 is what mine is set at  and it s working

User · Answer

I was getting this issue on WSL on Windows while connecting to AWS instance  My issue got resolved by witching to classic Command prompt  You can try switching to a different terminal interface and see if that helps

User · Answer

The locale-independent solution that works on Windows 8 1 is   chgrp 545    ssh id rsa chmod 600    ssh id rsa   GID 545 is a special ID that always refers to the  Users  group  even if you locale uses a different word for Users

User · Answer

Using Cygwin in Windows 8 1  there is a command need to be run      chgrp Users    ssh id rsa   Then the solution posted here can be applied  400 or 600 is OK      chmod 600    ssh id rsa   Ref  http   vineetgupta com blog cygwin-permissions-bug-on-windows-8

User · Answer

Putty can do the work on windows 10  It generates a public key using a private key as input   download putty from https   www putty org  install putty   Two applications come upon the installation  putty config  putty key gen launch puttyGen click load and select a private key file  Please note  you need to rename your private key file with  ppk extension e g private-key ppk

[permissions] ssh "permissions are too open" error

Examples related to permissions

Examples related to ssh