一尘不染

ssh "permissions are too open" error

javascript

我的 Mac 出现问题,无法再在磁盘上保存任何类型的文件。我不得不重新启动 OSX lion 并重置文件和 acls 的权限。

但是现在当我想提交一个存储库时,我从 ssh 收到以下错误:

Permissions 0777 for '/Users/username/.ssh/id_rsa' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.

我应该给 id_rsa 文件什么权限级别?


阅读 173

收藏
2022-01-30

共1个答案

一尘不染

密钥只能由您读取:

chmod 400 ~/.ssh/id_rsa

如果您需要对 Key 进行读写:

chmod 600 ~/.ssh/id_rsa

600似乎也很好(实际上在大多数情况下更好,因为您以后不需要更改文件权限来编辑它)。

手册页中的相关部分 ( man ssh)

```
~/.ssh/id_rsa
Contains the private key for authentication. These files contain sensitive
data and should be readable by the user but not
accessible by others (read/write/execute). ssh will simply ignore a private
key file if it is
accessible by others. It is possible to specify a
passphrase when generating the key which will be used to encrypt the sensitive
part of this file using 3DES.

~/.ssh/identity.pub
~/.ssh/id_dsa.pub
~/.ssh/id_ecdsa.pub
~/.ssh/id_rsa.pub
Contains the public key for authentication. These files are not sensitive and
can (but need not) be readable by anyone.
```

2022-01-30