0

I have some Linux installed on my laptop and use SSH with private key authentication to connect to a server. Recently, I installed Win10 with the bash developer extension on my desktop. Since I only have one user account on this server, and hence only one key, I simply moved my private key file into the respective directory of my Windows bash.

However, whenever I open a new bash instance and try to connect to the server, the error message 'Permission denied (publickey).' is returned. My current fix is the following steps: exec ssh-agent bash; ssh-add;

While I could obviously add this into .profile, I would be required to enter the passphrase whenever I open bash.

Does anyone have suggestions on how to fix this more properly, such that I only have to enter my passphrase whenever I connect to the server and do not have to reinitialize my SSH key in every bash session?

Kind regards

3
  • My understanding is that the type of authentication that the beta feature supports is limited. Are you sure your key is supported?
    – Ramhound
    Commented Jan 10, 2018 at 13:02
  • How can I check whether the type is supported? However, by manually starting the ssh-agent, everything works more or less as expected...
    – hansal
    Commented Jan 12, 2018 at 19:18
  • @hansal See: ssh(1). You can use ssh -Q followed by one of the following: cipher | cipher-auth | mac | kex | key | key-cert | key-plain | protocol-version
    – JW0914
    Commented Jun 20, 2018 at 1:08

1 Answer

0

Keys must only be accessible to the user they're intended for and no other account, service, or group.

  • I don't use WSL, as it's a security nightmare, creating more problems than it solves, so I'll provide both ways to set correct permissions


Windows Powershell Terminal


  • GUI:
    • [File] Properties - Security - Advanced
      1. Set Owner to the key's user
      2. Remove all users, groups, and services, except for the key's user, under Permission Entries
      3. Set key's user to Full Control


  • CLI:

    # Set variable as an environment variable so that cmd /c can expand %key%
    $env:key = '"C:\Path\to\key"'
    
    # Remove inheritance
    cmd /c icacls %key% /c /t /inheritance:d
    
    # Grant Full Control to the key's user
    cmd /c icacls %key% /c /t /grant %username%:F
    
    # Remove all users, except for owner
    cmd /c icacls %key%  /c /t /remove Administrator BUILTIN\Administrators BUILTIN Everyone System Users
    
    # Verify
    cmd /c icacls %key%
    


WSL Bash Terminal


  • CLI

    # Set variables
    
    # Key
    key="/path/to/key"
    
    # User
    user="$USER"
    
    # Set ownership
    # This assumes user's name is also user's group name
    chown "$user:$user" "$key"
    
    # Set access rights
    chmod 0600 "$key"
    
    # Verify
    ls -l "$key"
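
A stricter form of the Verify step above, as an added example that is not part of the original answer: it fails when the key is not owned by the current user or when any group/other permission bit is set. The function name `check_key_perms` and the throwaway demo file are assumptions made for illustration, and GNU `stat` is assumed.

```shell
#!/usr/bin/env bash
# Added example (not from the original answer): audit a private key file
# against the ownership and mode that the chown/chmod steps are meant to set.

# check_key_perms PATH
# Prints a verdict and returns 0 when the key is private to the current user.
check_key_perms() {
    key="$1"
    if [ ! -f "$key" ]; then
        echo "MISSING: $key"
        return 1
    fi
    # GNU stat: %a = octal mode, %u = numeric owner id
    mode="$(stat -c '%a' "$key")"
    owner="$(stat -c '%u' "$key")"
    if [ "$owner" != "$(id -u)" ]; then
        echo "WRONG OWNER: $key is owned by uid $owner"
        return 1
    fi
    # Any group/other bit (mode & 077) means another account can reach the key
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "TOO OPEN: $key has mode $mode, expected 600"
        return 1
    fi
    echo "OK: $key (uid $owner, mode $mode)"
    return 0
}

# Constructed demo: a throwaway file stands in for the real key
demo="$(mktemp)"
chmod 0644 "$demo"
check_key_perms "$demo" || true   # reports TOO OPEN
chmod 0600 "$demo"
check_key_perms "$demo"           # reports OK
rm -f "$demo"
```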
    
