When using SSH to connect to a server, you may encounter a warning about an “unprotected private key file.” This warning indicates that the private key file has permissions that are too open, making it accessible to other users. As a security measure, SSH enforces strict permission settings on private keys to prevent unauthorized access.
debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Trying private key: /Users/shakir/.ssh/simplified-guide.pem @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0755 for '/Users/shakir/.ssh/simplified-guide.pem' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Load key "/Users/shakir/.ssh/simplified-guide.pem": bad permissions
The issue often arises when a private key is copied or transferred, altering its original permissions. This can happen if the tool used to copy the key does not preserve the original file permissions, leading to a more permissive setting. The default system umask value might also contribute to this problem, causing the private key file to become accessible by others.
To resolve this issue, the file permissions of the private key must be restricted. The correct permissions ensure that the private key is only accessible by the file owner. Once the permissions are set properly, SSH will allow the private key to be used for authentication without triggering the warning.
Related: How to generate SSH key pairs
Steps to change SSH private key permission in Linux:
- Locate the private SSH key file on your system.
- Open a terminal window.
- Verify the current permissions of the private key file (optional).
$ ls -l ~/.ssh/simplified-guide.pem -rwxr-xr-x@ 1 shakir staff 1700 May 12 2021 .ssh/simplified-guide.pem
- Modify the permissions of the private key to restrict access.
$ chmod 600 ~/.ssh/simplified-guide.pem
The file must be owned by the user where the user has read and execute access, and is set to allow no access at all to user's group or other users.
- Verify the new permissions of the private key file.
$ ls -l .ssh/simplified-guide.pem -rw------- 1 user group 1700 May 12 2021 .ssh/simplified-guide.pem
- Attempt to connect to the server again using the public key authentication method.

Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.
Comment anonymously. Login not required.