Fix “Permissions are too open … private key will be ignored”

By neokrates, written on April 25, 2010

howto

Rate it
  • 1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5 out of 5)
    Loading ... Loading ...
Ad
Poll
  • Your skill as shell programmer is?

    • No skill (35%, 7 Votes)
    • FreeTime coder (acceptable) (25%, 5 Votes)
    • Developer (good) (15%, 3 Votes)
    • Novice (15%, 3 Votes)
    • Admin (very good) (10%, 2 Votes)
    • Guru (perfect) (0%, 0 Votes)

    Total Voters: 20

    Vote

    Loading ... Loading ...
Feeds:
  • bodytext bodytext bodytext
Most popular search terms:

You try to login on remote host, and get “Permissions are too open”. Setting permissions normally fixes that.

The problem is, that the private key you are using must remain private. If you permit others to read it, that condition is not satisfied.

Software:

  • Ubuntu linux
  • OpenSSH

Should also work for:

  • Any openSSH with any Unix based system

1

OpenSsh ignores the key. Permissions are too open…

You typed something like ssh -i ~/.ssh/id_rsa_targethost [email protected] and this is what openSsh says:

me@myhome:~$ ssh -i ~/.ssh/id_rsa_targethost myuser@my.targethost.com
 
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/me/.ssh/id_rsa_targethost' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /home/me/.ssh/id_rsa_targethost



If you try ls, you see that others can do things with your private key:

me@myhome:~$ ls -All /home/me/.ssh/id_rsa_targethost
-rw-r--r-- 1 me me 986 2010-04-25 14:33 /home/me/.ssh/id_rsa_targethost

2

Change permissions

Only owner can read and write the private key:

chmod 600 /home/me/.ssh/id_rsa_targethost

 
Or more human readable:

chmod a-rwx /home/me/.ssh/id_rsa_targethost
chmod u+rw /home/me/.ssh/id_rsa_targethost

3

Should work now

Check:

me@myhome:~$ ls -All /home/me/.ssh/id_rsa_targethost
-rw------- 1 me me 986 2010-04-25 14:33 /home/me/.ssh/id_rsa_targethost



Should work now. Have fun!

 
Does that help to solve your problem?
VN:F [1.8.5_1061]
Rating: +56 (from 112 votes)
84 votes 'YES'  28 votes 'NO'

LEARN MORE (amazon bookstore)

TAGS

RELATED
Pages
Posts
    nope :(

SOCIAL
Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • bodytext
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google
  • BlinkList
  • Blogosphere News
  • E-mail this story to a friend!
  • Furl
  • LinkArena
  • Live
  • MisterWong
  • Print this article!
  • StumbleUpon
  • Technorati
  • Webnews.de
  • YahooMyWeb

INCOMING SEARCH TERMS


15 Responses to “Fix “Permissions are too open … private key will be ignored””

  1. Sviatoslav Zalishchuk says:

    Thank you A LOT. This helped me so much.
    Cheers.

    Like or Dislike: Thumb up 3 Thumb down 0

  2. TheAwesome says:

    Thanx a lot, this saved me some time… and a LOT of trouble ;)

    Like or Dislike: Thumb up 1 Thumb down 0

  3. Thanks for sharing this. Was helpful.

    Like or Dislike: Thumb up 0 Thumb down 0

  4. Terry Herckenrath says:

    Initially I skipped changing the permissions (by accident) and ever since then ssh refuses to use the id_rsa file.
    I even removed the file, generated a new key and even tried renaming the id_rsa file, but all to no avail :-(
    It’s like ssh remembers the one slip-up and refuses to give me a second chance – very frustrating…

    Like or Dislike: Thumb up 0 Thumb down 0

  5. Nishant says:

    Thanks man , this is really helpful.

    Like or Dislike: Thumb up 0 Thumb down 0

  6. Maxim says:

    Well.. My private key placed on truecrypt mounted partition, and i can’t change permission at key file.. And what to do in this case?

    Like or Dislike: Thumb up 0 Thumb down 0

    • neokrates says:

      I also use truecrypt, never had problems setting permissions on files inside truecrypt disk…
      Why can’t you?
      Do you use linux or windows? Is the key file owned by your user?

      Like or Dislike: Thumb up 0 Thumb down 0

  7. Cristian says:

    Thanks!!

    Like or Dislike: Thumb up 0 Thumb down 0

  8. [...] Fix “Permissions are too open … private key will be ignored” [...]

    Like or Dislike: Thumb up 0 Thumb down 0

  9. [...] Fix “Permissions are too open … private key will be ignored” [...]

    Like or Dislike: Thumb up 0 Thumb down 0

  10. [...] Fix “Permissions are too open … private key will be ignored” [...]

    Like or Dislike: Thumb up 0 Thumb down 0

  11. Shyam says:

    Thanks A Lot…it’s helped me…

    Like or Dislike: Thumb up 0 Thumb down 0

Leave a Reply