SSH: WARNING: UNPROTECTED PRIVATE KEY FILE! Error and Solution

by on April 9, 2013 · 2 comments· LAST UPDATED April 9, 2013

in , , ,

I'm setting up server on an Amazon EC2 compute instance powered by Suse Enterprise Linux server. I am using the following command to login into the my EC2 compute from OS X/Ubuntu desktop:

ssh -i suse-ec2-server-jp.pem root@ec2-xx-yy-zzz-yyy.compute-1.amazonaws.com

I am getting the following error:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0440 for 'suse-ec2-server-jp.pem' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: suse-ec2-server-jp.pem
Password:

How do I fix this problem and login using ssh command?

Tutorial details
DifficultyEasy (rss)
Root privilegesNo
Requirementschmod/OpenSSH
Estimated completion timeN/A
To fix this problem you need to use the chmod command. You need to make sure that the the permissions of suse-ec2-server-jp.pem is set to 0400 i.e. the file only readable by you and not by any other groups, users, and others.

chmod syntax

The syntax is

chmod 0400 file
chmod 0400 /path/to/file

If suse-ec2-server-jp.pem is located in $HOME/.ssh/ directory, try:

## set permission on file ##
chmod 0400 $HOME/.ssh/suse-ec2-server-jp.pem
## Make sure dir containing the suse-ec2-server-jp.pem private key and other files set to 0700
chmod 0700 $HOME/.ssh/
 

Verify permissions with the ls -l command:

 
ls -ld $HOME/.ssh/
ls -l $HOME/.ssh/suse-ec2-server-jp.pem
 

Now, try ssh command as follows:

 
ssh -i $HOME/.ssh/suse-ec2-server-jp.pem root@ec2-xx-yy-zzz-yyy.compute-1.amazonaws.com
 

Please note that this is not AWS EC2 or Ubuntu/Suse Linux or Apple OS X specific issue. This is an OpenSSH client specific security related issue. See ssh man page for more information.

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 2 comments… read them below or add one }

1 Rahul Sharma August 5, 2013 at 1:17 pm

change the permissions of ur key chmod 600 yourkey

Reply

2 Michael July 23, 2014 at 3:41 pm

more specifically, your .ssh/ directory should have permission of 700
your authorized_keys file should have permission of 600

Reply

Leave a Comment

Tagged as: , , , , , , , , , , , ,

Previous Faq:

Next Faq: