similar to: [Bug 1909] New: "WARNING: UNPROTECTED PRIVATE KEY FILE!" warning needs an actionable step

https://bugzilla.mindrot.org/show_bug.cgi?id=1909 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED CC| |djm at mindrot.org Resolution|---

https://bugzilla.mindrot.org/show_bug.cgi?id=1909 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #2 from Damien Miller <djm at mindrot.org> --- Set all RESOLVED bugs to CLOSED with release

Hi All, I noticed that if I put: AuthorizedKeysFile .ssh/authorized_keys in my sshd_config file, pub/priv key authentication no longer worked. I am using OpenSSH_5.4p1, OpenSSL 0.9.8n 24 Mar 2010 on Archlinux. Sam ****************** Here is my WORKING config ****************** Port 22 ListenAddress 0.0.0.0 Protocol 2 PermitRootLogin no PubkeyAuthentication yes #AuthorizedKeysFile

http://bugzilla.mindrot.org/show_bug.cgi?id=1186 Summary: unprotected keys are not properly ignored Product: Portable OpenSSH Version: 3.8.1p1 Platform: All OS/Version: All Status: NEW Severity: major Priority: P2 Component: ssh AssignedTo: bitbucket at mindrot.org ReportedBy: pepper at

Hey guys, I installed OpenSSH 7.9p1 on Windows Server 2016 and generated a SSH key pair with ssh-keygen on my Windows 10 Client (OpenSSH 7.6p1). I can connect to the server with "ssh user at domain@servername -i id_rsa". But as soon as I add the private key to the SSH agent by "ssh-add id_rsa" this does not work anymore and aborts with the message "Permission denied

Third party programs should not be dictating to users how to manage their systems. Things like: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0660 for '/Users/law.Bliss/.ssh/id_rsa' are too open. It is required that your private key files are

https://bugzilla.mindrot.org/show_bug.cgi?id=3654 Bug ID: 3654 Summary: "ssh-add ~/.ssh/id_rsa.pub" raises misleading permission error Product: Portable OpenSSH Version: 9.4p1 Hardware: 68k OS: Mac OS X Status: NEW Severity: enhancement Priority: P5

Hey Damien, thank you for your reply. I posted the debug information at https://pastebin.com/40esNPED and replaced some sensitive information before (usernames, servernames, domainnames, IP addresses). In addition I commented some lines with a message like "### <my message> ###". Patrick -----Urspr?ngliche Nachricht----- Von: Damien Miller <djm at mindrot.org> Gesendet:

Hello, I just received thes odd messages from HP-UX Secure Shell A.03.50.000. (OpenSSH 3.5p1): # ssh-add id_rsa.pub 5215: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ 5215: @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ 5215: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ 5215: Permissions 0644 for 'id_rsa.pub' are too open. 5215: It is

I am working on a port of openssh-3.5p1 and ran across a case where we were trying to load a private key with 0644 permissions into the agent. The agent responds with: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for

Hi, I pasted two server connection logs at https://pastebin.com/vJb5tnTL. First a successful one and second an unsuccessful one. Patrick -----Urspr?ngliche Nachricht----- Von: Damien Miller <djm at mindrot.org> Gesendet: Samstag, 22. Juni 2019 10:43 An: Steinforth, Patrick <Steinforth at osnabrueck.de> Cc: openssh-unix-dev at mindrot.org Betreff: Re: AW: OpenSSH public key

https://bugzilla.mindrot.org/show_bug.cgi?id=1526 Summary: SSH key prompt if public key missing and pubkey auth fails Product: Portable OpenSSH Version: 5.1p1 Platform: Other OS/Version: Mac OS X Status: NEW Severity: normal Priority: P4 Component: ssh-agent AssignedTo:

https://bugzilla.mindrot.org/show_bug.cgi?id=2737 Bug ID: 2737 Summary: function identity_sign() assume private key's pub part as same as the .pub key. Product: Portable OpenSSH Version: 7.5p1 Hardware: Other OS: Other Status: NEW Severity: enhancement Priority: P5

https://bugzilla.mindrot.org/show_bug.cgi?id=2110 Bug ID: 2110 Summary: ssh-copy-id fails on nonexisting private key Product: Portable OpenSSH Version: 6.2p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5 Component: Miscellaneous Assignee: unassigned-bugs

https://bugzilla.mindrot.org/show_bug.cgi?id=2514 Bug ID: 2514 Summary: Usability: Key filenames / extensions make sharing private key likely. Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: minor Priority: P5 Component:

On Friday 06 April 2018 21:31:01 Bernard Spil wrote: > Hi, > > When using OpenSSH with LibreSSL 2.7.x it cannot read existing RSA and > ECDSA private keys. > > Error loading key "./id_rsa": invalid format > > Rebuilding OpenSSH with LibreSSL 2.6.x fixes the issue. I had fixed this > issue early on with LibreSSL 2.7 by converting the key to "new

Hello, I have a client machine and a server machine. I generated a pair of private-public rsa keys using ssh-keygen. On the client-machine, I uploaded my private key onto ~/.ssh/id_rsa On the server machine, I appended the content of the public key to .ssh/authorized_keys I can successfully connect from the client to the server with that config. However, on the client-side, if I add a

Hi, We need to allow log in based on public key generated using ssh-keygen (rsa key) for SFTP with chroot (internal sftp). I am not able to log in with just key exchange. I can login using password. I am able to log-in with out password for an ssh session unlike sftp session. Is there a way to login with key-exchange only for internal-sftp with chroot? Here is the trace OpenSSH_3.9p1, OpenSSL

I'm using OpenSSH_3.7.1p2 on the client side and OpenSSH_2.9p2 on the server side. (The client can be upgraded easily; upgrading the server would be a bit of a hassle.) My client is correctly configured to use key authentication. I can log in to many servers using my key, just not this particular one. This server does have "PermitRootLogin" set to "yes". Client

On Tue, Jan 15, 2002 at 06:00:50PM -0000, John Bowman wrote: > > Date: Tue, 15 Jan 2002 17:29:44 +0100 > > From: Markus Friedl <markus at openbsd.org> > > Cc: openssh at openbsd.org > > Content-Type: text/plain; charset=us-ascii > > Content-Disposition: inline > > User-Agent: Mutt/1.3.25i > > > > On Tue, Jan 15, 2002 at 03:46:15PM -0000, John