Monday 20 June 2016

Unprotected private key file error while connecting to AWS via SSH

Background

In one of the previous posts, we saw how to connect to your AWS instance.
In that post, we saw how you can remotely connect to your instance using ssh (putty on windows). Recently I migrated to Mac and got following error for connecting.

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0777 for 'Documents/Softwares/athakur-securekey.pem' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: Documents/Softwares/athakur-securekey.pem
Permission denied (publickey).


See screenshot below -

So how do you resolve this?



Solution

You need to give read/write permission just to that user (no groups or other users). So running following command should suffice -
  • chmod 600 athakur-securekey.pem
OR alternatively
  • chmod u=rw athakur-securekey.pem 
  • chmod go=  athakur-securekey.pem



Quoting from AWS documentation -
  • Use the chmod command to make sure your private key file isn't publicly viewable. For example, if the name of your private key file is my-key-pair.pem, use the following command:
    • chmod 400 /path/my-key-pair.pem 
    •  

Related Links

t> UA-39527780-1 back to top