I use my Mac to login to remote hosts via Terminal.app using ssh
and local stored keys a.k.a. passwordless login a.k.a authentication key login.
All of a sudden the new ssh
login attempts are:
- asking for the password, where before the logins were passwordless
- return
The authenticity of host XYZ can't be established.
- yes answering
Are you sure you want to continue connecting (yes/no)?
results inFailed to add the host to the list of known hosts (/Users/user/.ssh/known_hosts)
.
Also ls ~/.ssh
results in all "Permission denied":
ls: authorized_keys: Permission denied
ls: config: Permission denied
ls: id_rsa: Permission denied
ls: id_rsa.pub: Permission denied
ls: known_hosts: Permission denied
How to fix this?
Best Answer
Wrong file permissions
Wrong permissions are set on some files inside the .ssh folder. Have a look at it from Terminal.app:
The first column (
-rw-r--r--
) displays the assigned unix file permissions for owner, group and others.Read permissions for group and others are not allowed
The real issue here is not the first
r
on columns position 2, but ther
's on position 5 and 8. This tells that group and others has read permissions for these files. And that read permission for others else then the file owner, is not permitted.Fix
It can be fixed by removing all rights from group and everybody using the command
chmod 600 filename
. For this specific case a command that would work is:Result
After running this command the new permissons look like this:
Note: the
ls
command now runs withoutsudo
.