ssh“权限太开放"错误 [英] ssh "permissions are too open" error

问题描述

我的Mac出现问题，无法再在磁盘上保存任何类型的文件. 我必须重新启动OSX Lion并重置文件和ACL的权限.

I had a problem with my mac where I couldn't save any kind of file on the disk anymore. I had to reboot OSX lion and reset the permissions on files and acls.

但是现在当我要提交存储库时，我从ssh收到以下错误:

But now when I want to commit a repository I get the following error from ssh:

Permissions 0777 for '/Users/username/.ssh/id_rsa' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.

我应该赋予id_rsa文件什么权限级别?

What permissions levels should i give to the id_rsa file?

推荐答案

密钥只能由您读取:

chmod 400 ~/.ssh/id_rsa

如果您需要密钥可读写:

If Keys need to be read-writable by you:

chmod 600 ~/.ssh/id_rsa

600 似乎也不错(实际上，在大多数情况下更好，因为您以后无需更改文件权限即可对其进行编辑.)

600 appears to be fine as well (in fact better in most cases, because you don't need to change file permissions later to edit it).

联机帮助页(man ssh)中的相关部分

The relevant portion from the manpage (man ssh)

 ~/.ssh/id_rsa
         Contains the private key for authentication.  These files contain sensitive 
         data and should be readable by the user but not
         accessible by others (read/write/execute).  ssh will simply ignore a private 
         key file if it is              
         accessible by others.  It is possible to specify a
         passphrase when generating the key which will be used to encrypt the sensitive 
         part of this file using 3DES.

 ~/.ssh/identity.pub
 ~/.ssh/id_dsa.pub
 ~/.ssh/id_ecdsa.pub
 ~/.ssh/id_rsa.pub
         Contains the public key for authentication.  These files are not sensitive and 
         can (but need not) be readable by anyone.

这篇关于ssh“权限太开放"错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！