Bad owner or permissions on ssh config file

I have realized that I am no longer able to connect to the webserver at x.x.202.50. Yesterday I changed the following ssh configuration file, /share/homes/admin/.ssh/config, by adding the following settings:

# ssh (secure shell) configuration file
Host webserver
    HostName x.x.212.50
    User user1
    IdentityFile ~/.ssh/id_rsa

The reason I did this is to enable key login for synchronization purposes (with Unison).

Now, when I try to connect to the server I receive the following error:

Bad owner or permissions on /share/homes/admin/.ssh/config

I make the connection with PuTTY from Windows 10 and from a Linux server to another Linux server.

I need to connect to the server because I am involved in a project, and I don't know how to do it. Does anybody know how to do this?


2 Answers

The general rule for files that can affect security (private keys, configuration files, authorized keys) is that they should not be writable by anyone other than the owner (the private keys should not be accessible!).

The error is coming from the OpenSSH code below:

if (((sb.st_uid != 0 && sb.st_uid != getuid()) ||
    (sb.st_mode & 022) != 0))
        fatal("Bad owner or permissions on %s", filename);

Translated into English, this means that the config file must be owned by root or by the user running ssh and cannot be writable by the group or by other users.

As already pointed out in the comments, you probably gave these permissions to somebody somehow, so removing them should fix the problem:

chmod go-w /share/homes/admin/.ssh/config

If your home directory is mounted on NFS and there is an NFS problem or a Domain login problem, it could be that the ~/.ssh/config file is owned by nobody (temporarily, until the NFS or Domain login problem is fixed). This doesn't fix your problem, but the problem may not be with the permissions. Just do ls -l on the directory and make sure the files are still yours. And if you see nobody, it's time to send an email to IT.
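
To tell the two causes in the answers above apart (group/other write bit versus a foreign owner such as nobody), here is an added example that is not from either answer or from OpenSSH. It applies the quoted condition to a file and names which half failed; the function names are hypothetical, GNU `stat -c` is assumed, and the sample uids are constructed.

```shell
#!/bin/sh
# Added example. Mirrors the condition quoted from OpenSSH:
#   (st_uid != 0 && st_uid != getuid()) || (st_mode & 022) != 0

# ssh_config_verdict OWNER_UID MODE_OCTAL MY_UID
# Pure decision logic; prints "ok" or a comma-separated list of reasons.
ssh_config_verdict() (
    owner=$1 mode=$2 me=$3
    verdict=""
    # Owner must be root (uid 0) or the user running ssh.
    if [ "$owner" -ne 0 ] && [ "$owner" -ne "$me" ]; then
        verdict="bad-owner"
    fi
    # 022 = group write bit (020) plus other write bit (002).
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        verdict="${verdict:+$verdict,}writable-by-group-or-other"
    fi
    echo "${verdict:-ok}"
)

# check_ssh_config FILE
# Reads uid, octal mode and owner name with GNU stat (assumption: BSD/macOS
# stat uses different flags). Exit 0 if ssh would accept the file, 1 if not,
# 2 if the file cannot be read.
check_ssh_config() (
    file=$1
    info=$(stat -c '%u %a %U' "$file") || exit 2
    set -- $info    # $1 = owner uid, $2 = octal mode, $3 = owner name
    verdict=$(ssh_config_verdict "$1" "$2" "$(id -u)")
    echo "$file: owner=$3 (uid $1) mode=$2 -> $verdict"
    [ "$verdict" = ok ]
)

if [ "$#" -gt 0 ]; then
    check_ssh_config "$1"
else
    # Constructed samples, evaluated as uid 1000; 65534 is commonly "nobody".
    for sample in "1000 600" "1000 664" "65534 600"; do
        set -- $sample
        echo "owner uid $1, mode $2 -> $(ssh_config_verdict "$1" "$2" 1000)"
    done
fi
```

Run it with the config path as its argument; a `bad-owner` result points to the ownership case from the second answer, where `chmod go-w` will not help.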
