Ubuntu on Windows 10 - SSH “Permissions xxxx for private key are too open

windows-10 ssh windows-subsystem-for-linux

Solution 1:

Solution that works for me in windows WSL (without changing file mode):

sudo ssh -i keyfile <user>@ip

Solution 2:

I'm reading between the lines, and assuming you're using a Linux subsystem in Windows 10. When you symlinked the Windows file from C:\ into the Linux file system in $HOME/.ssh, the permissions of the actual file are still under control of Windows, and the permissions shown to you in the Linux window just best represent the Windows permissions; you can't change the permissions on the Windows files in /mnt/c from Linux. This FAQ from Microsoft talks about how files are handled in the two overlapping file systems.

The file you need to change the permission on is the file the symlink is pointing so, so that means the file in /mnt/c

It doesn't seem possible to give user-only access to a Windows file. Even if you disable permission inheritance on a file and give only your own user read permission, the Linux permissions still show as -r--r--r--, so that won't be usable for ~/.ssh

The only option appears to be copying the file from Windows into Linux, at which point you can use chmod and chown on it.

Solution 3:

Copy the SSH key over to your WSL ~/.ssh directory, as an SSH key with anything other than 600/400 permissions compromises the key.

  • Once the key is copied over, ensure it's EOLs have been changed to LF.

    • There's a number of ways to do so, from the Atom text editor to CLI solutions like dos2unix, unix2dos, etc.

  • See @simpleuser's answer below to understand why permissions cannot be changed via Windows, of which necessitates copying the key to the WSL's ~/.ssh directory

Solution 4:

The Windows 10 permissions vs WSL permissions problem is only a problem if the .pem file is in the Windows file system accessible under a mount point, e.g. somewhere in /mnt/c .

If you move the file to under your WSL home directory, e.g. directory /home/.ssh, then you can do a chmod 400 yourkeyfile.pem on the file.

The way WSL works, the standard Linux root directories like bin, etc, home, usr are not visible to Windows 10, hence you can do a chmod on any file just as you were working on a real Linux system.

Related

How do I save an image PDF file as an image?
Is there a way to view Google Chrome browsing history past three months ago?
How to boot a Linux live USB on a Mac?
Windows 8.1 Insufficient storage available to create shadow copy
How do I set up an AppleScript to open a new iTerm2 tab and change the directory?
Windows 7 Windows update error 80072EFE
How to diagnose abnormal CPU usage by svchost.exe? [duplicate]
Running virtual linux using qemu on windows
Highest compression for files(for web transfer)?
VMware Workstation Bridged Network Host UnReachable
CPU Constantly at 100% In Task Manager, But Not in Process Explorer
Undo the Linux trash command