ssh "permissions are too open" 错误

我的 Mac 出现问题,无法再在磁盘上保存任何类型的文件。 我不得不重新启动 OSX lion 并重置文件和 acls 的权限。

但是现在当我想提交存储库时,我从 ssh 收到以下错误:

Permissions 0777 for '/Users/username/.ssh/id_rsa' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.

我应该给 id_rsa 文件什么权限级别?

Using Cygwin in Windows 8.1, there is a command need to be run:

chgrp Users ~/.ssh/id_rsa

Then the solution posted here can be applied, 400 or 600 is OK.

chmod 600 ~/.ssh/id_rsa

Reference here

I've got the error in my windows 10 so I set permission as the following and it works.

In details, remove other users/groups until it has only 'SYSTEM' and 'Administrators'. Then add your windows login into it with Read permission only.

Note the id_rsa file is under the c:\users\<username> folder.

Windows 10 ssh into Ubuntu EC2 “permissions are too open” error on AWS

I had this issue trying to ssh into an Ubuntu EC2 instance using the .pem file from AWS.

In windows this worked when I put this key in a folder created under the .ssh folder

C:\Users\USERNAME\.ssh\private_key

To change permission settings in Windows 10 :

File Settings > Security > Advanced

Disable inheritance

Convert Inherited Permissions Into Explicit Permissions

Remove all the permission entries except for Administrators

Could then connect securely.

AFAIK the values are:

  • 700 for the hidden directory .ssh where key files are located

  • 600 for the keyfile id_rsa

This is what worked for me (on mac)

sudo chmod 600 path_to_your_key.pem 

then :

ssh -i path_to_your_key user@server_ip

Hope it help

For windows users Only. Goto file property --> security --> advanced

  1. Disable inheritance property
  2. Convert Inherited Permissions Into Explicit Permissions.
  3. Remove all the permission entries except the Administrators.

what worked for me

chgrp Users FOLDER

chmod 600 FOLDER

I keep all my own certificates and keys in one directory, and this works for tools like PuTTY, but I got this too open error message from the scp command. I discovered that Windows already maintains a C:\users\ACCOUNTNAME\.ssh folder having the proper access rights for storing SSH keys. So long as you keep the contents backed up (Windows sometimes deletes it during updates), or create your own folder for ssh keys in your user folder, this will work fine, as only you and the administrators have access to that parent folder.

Be very careful about changing access rights on Windows folders. I did this, and once a day Windows is scanning, reading, and writing all the files on my C: drive, a process that slows the computer for many minutes.