Sentry Answers>Linux>

Resolve SSH permissions too open error

Resolve SSH permissions too open error

David Y.

The Problem

When attempting to SSH into a remote machine, I receive the following error:

Click to Copy
Permissions 0777 for '/Users/username/.ssh/id_rsa' are too open. It is recommended that your private key files are NOT accessible by others. This private key will be ignored.

How do I fix this? What permissions should id_rsa have?

The Solution

id_rsa is a private key file, used in combination with a public key file (id_rsa.pub) to authenticate over SSH. Per the tenets of public-private key cryptography, the public key is distributed widely while the private key must be kept secret. For this reason, SSH requires private keys to be accessible only to the current user. The current permissions on the key, 0777, mean that it is readable, writeable, and executable by the current user, members of that user’s group, and members outside that user’s group. This is far too permissive.

To fix this, we should set the key’s permissions to 600, i.e. readable and writeable for the current user and inaccessible to all others. The private key file does not need to be executable. We can do this using chmod, as below:

Click to Copy
chmod 600 ~/.ssh/id_rsa

After running this command, SSH should function as expected.

  • Syntax.fmListen to the Syntax Podcast
  • ResourcesWhat is Distributed Tracing
  • Syntax.fm logo
    Listen to the Syntax Podcast

    Tasty treats for web developers brought to you by Sentry. Get tips and tricks from Wes Bos and Scott Tolinski.

    SEE EPISODES

Considered “not bad” by 4 million developers and more than 100,000 organizations worldwide, Sentry provides code-level observability to many of the world’s best-known companies like Disney, Peloton, Cloudflare, Eventbrite, Slack, Supercell, and Rockstar Games. Each month we process billions of exceptions from the most popular products on the internet.

© 2024 • Sentry is a registered Trademark
of Functional Software, Inc.