SSH Key Permissions 0644 for id rsa pub are too open on mac

Question

I generate a ssh key pair on my mac and add the public key to my ubuntu server in fact  it is a virtual machine on my mac  but when I try to login the ubuntu server it says                                                                         WARNING  UNPROTECTED PRIVATE KEY FILE                                                                         Permissions 0644 for   Users tudouya  ssh vm vm id rsa pub  are too open  It is required that your private key files are NOT accessible by others  This private key will be ignored  bad permissions  ignore key   Users tudouya  ssh vm vm id rsa pub Permission denied  publickey password     I have tried many ways to solve this  change the key file mode  change the folder mode as some answer on stackoverflow but it doesn t work  the key file permission   vm dir  drwxr-xr-x   4 tudouya  staff    136  4 29 10 37 vm  key file  -rw-------  1 tudouya  staff  1679  4 29 10 30 vm id rsa -rw-r--r--  1 tudouya  staff   391  4 29 10 30 vm id rsa pub   please give me some idea                                              I write the host infomation to ssh config   Host ubuntuvm     Hostname 10 211 55 17     PreferredAuthentications publickey     IdentityFile  Users tudouya  ssh vm vm id rsa pub   I run command  ssh -v ubuntuvm  it displays   ssh -v ubuntuvm OpenSSH 6 2p2  OSSLShim 0 9 8r 8 Dec 2011 debug1  Reading configuration data  etc ssh config debug1   etc ssh config line 20  Applying options for   debug1   etc ssh config line 103  Applying options for   debug1   etc ssh config line 175  Applying options for ubuntuvm debug1  Connecting to 10 211 55 17  10 211 55 17  port 22  debug1  Connection established  debug1  identity file  Users tudouya  ssh vm vm id rsa pub type 1 debug1  identity file  Users tudouya  ssh vm vm id rsa pub-cert type -1 debug1  Enabling compatibility mode for protocol 2 0 debug1  Local version string SSH-2 0-OpenSSH 6 2 debug1  Remote protocol version 2 0  remote software version OpenSSH 6 6 1p1 Ubuntu-8 debug1  match  OpenSSH 6 6 1p1 Ubuntu-8 pat OpenSSH  debug1  SSH2 MSG KEXINIT sent debug1  SSH2 MSG KEXINIT received debug1  kex  server- gt client aes128-ctr hmac-md5-etm openssh com none debug1  kex  client- gt server aes128-ctr hmac-md5-etm openssh com none debug1  SSH2 MSG KEX DH GEX REQUEST 1024 lt 1024 lt 8192  sent debug1  expecting SSH2 MSG KEX DH GEX GROUP debug1  SSH2 MSG KEX DH GEX INIT sent debug1  expecting SSH2 MSG KEX DH GEX REPLY debug1  Server host key  RSA 55 6d 4f 0f 23 51 ac 8e 70 01 ec 0e 62 9e 1c 10 debug1  Host  10 211 55 17  is known and matches the RSA host key  debug1  Found key in  Users tudouya  ssh known hosts 54 debug1  ssh rsa verify  signature correct debug1  SSH2 MSG NEWKEYS sent debug1  expecting SSH2 MSG NEWKEYS debug1  SSH2 MSG NEWKEYS received debug1  Roaming not allowed by server debug1  SSH2 MSG SERVICE REQUEST sent debug1  SSH2 MSG SERVICE ACCEPT received debug1  Authentications that can continue  publickey password debug1  Next authentication method  publickey debug1  Offering RSA public key   Users tudouya  ssh vm vm id rsa pub debug1  Server accepts key  pkalg ssh-rsa blen 279                                                                       WARNING  UNPROTECTED PRIVATE KEY FILE                                                                         Permissions 0644 for   Users tudouya  ssh vm vm id rsa pub  are too open  It is required that your private key files are NOT accessible by others  This private key will be ignored  bad permissions  ignore key   Users tudouya  ssh vm vm id rsa pub debug1  No more authentication methods to try  Permission denied  publickey password

User · Accepted Answer

debug1  identity file  Users tudouya  ssh vm vm id rsa pub type 1  It appears that you re trying to use the wrong key file  The file with the  quot  pub quot  extension contains the public portion of the key  The corresponding file without the  quot  pub quot  extension contains the private part of the key  When you run an ssh client to connect to a remote server  you have to provide the private key file to the ssh client  You probably have a line in the your  ssh config file  or  etc ssh config  which looks like this  IdentityFile      ssh vm vm id rsa pub  You need to remove the  quot  pub quot  extension from the filename  IdentityFile      ssh vm vm id rsa

User · Answer

Lot s of similar answers but no explanations     The error is thrown because the private key file permissions are too open  It is a security risk   Change the permissions on the private key file to be minimal  read only by owner    Change owner chown  lt unix-name gt   lt private-key-file gt  Set minimal permissions  read only to file owner  chmod 400  lt private-key-file gt

User · Answer

I suggest you to do  chmod 400    ssh id rsa It works fine for me

User · Answer

I removed the  pub file  and it worked

User · Answer

If youre using a  ssh config file try to  chmod 0400  ssh config   then   chmod 0400  ssh  lt  lt KEYFILE PATH gt  gt

User · Answer

After running below command it works for me   sudo chmod 600  path to my key pem

User · Answer

chmod 400 path to filename   This work for me  When I did this file I am able to connect to my EC2 instance

User · Answer

Those who suggested chmod 400 id rsa pub did not sound right at all  It was quite possible that op used pub key instead of private key to ssh   So it might be as simple as ssh -i  Users tudouya  ssh vm vm id rsa  the private key  user host to fix it   --- update ---  Check this article https   www digitalocean com community tutorials how-to-set-up-ssh-keys--2 for how to set up ssh key

User · Answer

As for me  the default mode of id rsa is 600  which means readable and writable   After I push this file to a git repo and pull it from another pc  sometimes the mode of the private key file becomes -rw-r--r--   When I pull the repo with ssh after specify the private key file  it failed and prompted warnings  the same with you  Following is my script   ssh-agent bash -c  ssh-add  PATH OF RSA id rsa    git pull git gitee com someone somerepo git     I fix this problem just by changing the mode to 600   chmod 600  PATH TO RSA id rsa

User · Answer

Key should be readable by the logged in user   Try this   chmod 400    ssh Key file chmod 400    ssh vm id rsa pub

User · Answer

giving permision 400 makes the key private and not accessible by someone unknown  It makes the key as a protected one    chmod 400  Users tudouya  ssh vm vm id rsa pub

User · Answer

SSH keys are meant to be private so a 644 permission is too open  Binary references to set Permissions  r read    4  w write    2  x execute    1  So by adding these numbers and by passing the summed digit to chmod command We set the permission of file directory  The first digit sets permission for the owner  second digit for group and the third one for all other users on the system who have no right to the file  A permission of 644 means   4 2    read write permission for the owner  4    read permission for the group   4    read permission for all other users     By changing the the permission of the file to 400 using chmod 400  lt filename gt   solves the issue  As it makes the key read-only accessible to the owner  Ref  https   www linux com training-tutorials understanding-linux-file-permissions

User · Answer

In my case  it was a  pem file  Turns out holds good for that too  Changed permissions of the file and it worked   chmod 400    ssh dev-shared pem  Thanks for all of those who helped above

User · Answer

Just run below to your pem s  sudo chmod 600  path to my key pem

User · Answer

chmod 400  etc ssh   works for me

User · Answer

If the keys are in the    ssh directory   use   chmod 400    ssh id rsa  If the keys are in different directory  use  chmod 400 directory path id rsa  This worked for me

User · Answer

chmod 600 id rsa  Run above command from path where key is stored in vm ex  cd  home opc  ssh

[ssh] SSH Key: “Permissions 0644 for 'id_rsa.pub' are too open.” on mac

Examples related to ssh

Examples related to permissions

Examples related to key