How to fix WARNING: UNPROTECTED PRIVATE KEY FILE!

How to fix WARNING: UNPROTECTED PRIVATE KEY FILE!

I was planning to do a clean installation after macOS Catalina was released. I copied my ssh keys, and I’ve seen the warning when I tried to run git-related commands.

After a short research, I’ve found out the source of the problem is the permissions on the private key file.

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/Users/erdaltsksn/.ssh/id_rsa' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "/Users/erdaltsksn/.ssh/id_rsa": bad permissions
[email protected]: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

To fix this, you need to reset the permissions to default.

chmod 700 ~/.ssh
chmod 644 ~/.ssh/id_ed25519.pub
chmod 600 ~/.ssh/id_ed25519
chmod 600 ~/.ssh/known_hosts

That’s all. Now you can use your SSH keys without any errors or warnings.

Note: This is not a specific issue to any operating system. This is a security issue related to the OpenSSH client.

References

  1. https://linuxcommand.org/lc3_man_pages/ssh1.html