(Partially Solved) ssh bad permissions: ignore key

Linux Kernel, Network, and Services configuration.
Post Reply
Message
Author
fsmithred
Posts: 1873
Joined: 2008-01-02 14:52

(Partially Solved) ssh bad permissions: ignore key

#1 Post by fsmithred »

I get this message when I try to ssh to my remote computer when I'm running lenny. The key is on a usb stick. It doesn't do it when I'm running etch. The remote ssh server is running etch always. I tried it today from a friend's etch installation, and I got the same error message.

Question 1: what would cause this message to come up on one etch installation but not another?

Code: Select all

Permissions 0755 for '/media/disk/my.rsa.key' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /media/disk/hold/.ssh/id.athena1
Permission denied (publickey).
I tried changing the permission, but of course, that didn't work, because the filesystem is vfat. My solution at home was to copy the keyfile into my .ssh directory, but I can't take that with me. I've got another usb stick that I could reformat to ext3, but is there another solution? I'd still like to be able to use it with windows, so I can use firefox portable when I'm visiting relatives, and not have to carry two sticks.
Last edited by fsmithred on 2008-09-25 03:14, edited 2 times in total.
Top
User avatar
saulgoode
Posts: 1545
Joined: 2007-10-22 11:34
Been thanked: 2 times

#2 Post by saulgoode »

SSH is designed to ignore key files if they are world-readable. If the filesystem on your USB drive does not support Unix-like permissions, you will need to specify an appropriate 'umask' when you mount it.

Alternately, you could copy the key file from the USB drive to your local drive, changing the permissions -- but be cautious with this approach and try not to expose your keys.
Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it. -- Brian Kernighan
Top
fsmithred
Posts: 1873
Joined: 2008-01-02 14:52

(SOLVED) ssh bad permissions: ignore key

#3 Post by fsmithred »

Thanks. It looks like copying the key to the hard drive and changing the permissions is the easiest way to do it. Otherwise, it goes like this:

Plug in the stick and let it automount.
Unmount it.
Mount it again as root, with option umask=077
Then initiate the ssh session from the root terminal, logging in as user@host (I've got root logins disabled)

I tried using the uid option when mounting the stick, but that option doesn't seem to work on the command line.

Edit: I still don't understand why my etch install doesn't reject the key because of bad permissions.
Top
Post Reply

Return to “System and Network configuration”