SSH: WARNING: UNPROTECTED PRIVATE KEY FILE! Error and Solution

Author: Vivek Gite Last updated: January 26, 2017 3 comments
I‘m setting up server on an Amazon EC2 compute instance powered by Suse Enterprise Linux server. I am using the following command to login into the my EC2 compute from Mac OS X/Ubuntu Linux desktop:

ssh -i suse-ec2-server-jp.pem root@ec2-xx-yy-zzz-yyy.compute-1.amazonaws.com

I am getting the following error:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0440 for 'suse-ec2-server-jp.pem' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: suse-ec2-server-jp.pem
Password:

How do I fix this problem and login using ssh command?

Tutorial details
Difficulty level Easy
Root privileges No
Requirements chmod/OpenSSH
Est. reading time N/A
To fix this problem you need to use the chmod command. You need to make sure that the the permissions of suse-ec2-server-jp.pem is set to 0400 i.e. the file only readable by you and not by any other groups, users, and others.

chmod command syntax to fix file warnings

The syntax is:
chmod 0400 file
chmod 0400 /path/to/file

If suse-ec2-server-jp.pem is located in $HOME/.ssh/ directory, try:

## set permission on file ##
chmod 0400 $HOME/.ssh/suse-ec2-server-jp.pem 
 
## Make sure dir containing the suse-ec2-server-jp.pem private key and other files set to 0700
chmod 0700 $HOME/.ssh/

Verify permissions with the ls -l command:

ls -ld $HOME/.ssh/
ls -l $HOME/.ssh/suse-ec2-server-jp.pem

Now, try ssh command as follows:

## for ubuntu Linux #
ssh -i $HOME/.ssh/suse-ec2-server-jp.pem ubuntu@ec2-xx-yy-zzz-yyy.compute-1.amazonaws.com
 
## for Suse ##
ssh -i $HOME/.ssh/suse-ec2-server-jp.pem ubuntu@ec2-xx-yy-zzz-yyy.compute-1.amazonaws.com
 
## For freebsd ##
ssh -i $HOME/.ssh/suse-ec2-server-jp.pem root@ec2-xx-yy-zzz-yyy.compute-1.amazonaws.com

Sample session:

Fig.01: Fixing “WARNING: UNPROTECTED PRIVATE KEY FILE!” on Linux/MacOS X/FreeBSD/Unix

Please note that this is not AWS EC2 or Ubuntu/Suse Linux or Apple OS X specific issue. This is an OpenSSH client specific security related issue. See ssh man page for more information.


🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 3 comments so far... add one


Related Tutorials
CategoryList of Unix and Linux commands
Disk space analyzersdf ncdu pydf
File Managementcat cp mkdir tree
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
3 comments… add one
  • Rahul Sharma Aug 5, 2013 @ 13:17

    change the permissions of ur key chmod 600 yourkey

    Reply Link
  • Michael Jul 23, 2014 @ 15:41

    more specifically, your .ssh/ directory should have permission of 700
    your authorized_keys file should have permission of 600

    Reply Link
  • anon Nov 20, 2014 @ 22:56

    Explanations about this problem are very unuseful

    Reply Link

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum

Next FAQ:

Previous FAQ:

FEATURED ARTICLES

Sign up for my newsletter