WARNING: UNPROTECTED PRIVATE KEY FILE When Copying SSH Public/Private Key Files

Tadashi Shigeoka ·  Sat, February 11, 2012

After doing a clean install of macOS and copying SSH public/private key files I had been using previously to ~/.ssh, I got a warning.

Linux
$ git push heroku master
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/Users/your_username/.ssh/id_rsa' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /Users/your_username/.ssh/id_rsa
Permission denied (publickey).
fatal: The remote end hung up unexpectedly

I found an article that was spot on when I searched.

MacでSSH公開鍵・秘密鍵ファイルをコピーして使ったら警告がでた - アインシュタインの電話番号☎

The SSH private key permissions needed to be 600, so I changed them immediately.

$ ls -al ~/.ssh/
total 24
drwxr-xr-x   5 your_username  staff   170  2 11 11:49 .
drwxr-xr-x+ 26 your_username  staff   884  2 11 11:39 ..
-rw-r--r--   1 your_username  staff  1743  2 11 01:34 id_rsa
-rw-r--r--   1 your_username  staff   410  2 11 01:34 id_rsa.pub
-rw-r--r--   1 your_username  staff   405  2 11 11:49 known_hosts

$ chmod 600 ~/.ssh/id_rsa
$ ls -al ~/.ssh/
total 24
drwxr-xr-x   5 your_username  staff   170  2 11 11:49 .
drwxr-xr-x+ 26 your_username  staff   884  2 11 11:39 ..
-rw-------   1 your_username  staff  1743  2 11 01:34 id_rsa
-rw-r--r--   1 your_username  staff   410  2 11 01:34 id_rsa.pub
-rw-r--r--   1 your_username  staff   405  2 11 11:49 known_hosts

This time git push worked properly.

$ git push heroku master
Everything up-to-date

That’s all from the Gemba regarding SSH key permissions.