Channel: A Portal to a Portal

More on SSH and PKI - Setting the appropriate permissions on your private key files

Following my earlier post: -


it's worth noting that Linux will attempt to help you out by warning you if your private key files have inappropriately weak permissions, as per this example: -

ssh-keygen -y -e -f ~/Downloads/foobar.cer 

which returns: -

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/Users/davidhay/Downloads/foobar.cer' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "/Users/davidhay/Downloads/foobar.cer": bad permissions


This is what the file looks like post-download: -

ls -al ~/Downloads/foobar.cer 

-rw-r--r--@ 1 davidhay  staff  1683 29 Dec 11:08 /Users/davidhay/Downloads/foobar.cer



Once I change it to 400: -

chmod 400 ~/Downloads/foobar.cer 

which means: -



or: -

-r--------@ 1 davidhay  staff  1683 29 Dec 11:08 /Users/davidhay/Downloads/foobar.cer

all is well

ssh-keygen -y -e -f ~/Downloads/foobar.cer 

---- BEGIN SSH2 PUBLIC KEY ----
Comment: "2048-bit RSA, converted by 
dave@mac"
AAAAB3NzaC1yc7EAAAAAAQABAAABAQAAutYt3P7YNNOWG6Ve/xTpeNnkNwAARBzb0jiA7/
A7XT5x0xOVXrwrlefIU6ZFBfR1QLc54xCWPk7j77u4ZfsUE57+rSfFFHAm3T7/H5GVW7Ct
tS7mB/UoiXJtfOo9uNHNSrSOOqAQKAtAAprKzghREhoroIeb65TkzpA6cfAAmcE+ySCTNS
li7sALtAnBwCwFJGQUBKot77Xce1q04uhr9sYknOvRAVmTaihYAeaSgLh+UTAIeJ4/AABP
7+gAyuHK6pPJ9WEyUGHh3HAUio8o3uAx8VoZfnE+Y79y5XIpWT6+xrSG4XskRjPAy+9JsR
bsm3jS3qi08T649/aLL67A
---- END SSH2 PUBLIC KEY ----
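
As an added example (not part of the original post), the shell functions below apply the test the warning describes: a key file fails if its mode has any group or other bits set (mode & 077). They then list offending key files under a directory. The function names and the "PRIVATE KEY" first-line heuristic are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: check private key files for permissions that ssh would reject.

# Print the octal permission bits of a file.
# GNU stat (Linux) is tried first, then BSD stat (macOS).
key_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Return 0 if the file has no group/other permission bits (mode & 077 == 0),
# 1 if it is too open (e.g. 0644), 2 if the mode could not be read.
key_perm_ok() {
    mode=$(key_mode "$1") || return 2
    # The leading 0 makes the shell read the digits as octal.
    [ $(( 0$mode & 077 )) -eq 0 ]
}

# Walk a directory and print "<mode> <path>" for every file that looks like a
# private key (assumption: first line contains "PRIVATE KEY") and is too open.
audit_keys() {
    find "$1" -type f 2>/dev/null | while IFS= read -r f; do
        head -n 1 "$f" 2>/dev/null | grep -q 'PRIVATE KEY' || continue
        key_perm_ok "$f" || printf '%s %s\n' "$(key_mode "$f")" "$f"
    done
}

# Usage: audit_keys "$HOME/Downloads"
# Each reported file can then be tightened with: chmod 400 <path>
```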



