Following this authoritative article, I created the SSH keys at Windows local PC and copied them to VPS (this article does not cover the Windows case, but I found appropriate solution).
Now, when I trying to sign in to VPS via SSH:
ssh -i "C:\Users\Me\.ssh\MyWebApp.pub" [email protected]
I get the error:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions for 'C:\\Users\\Me\\.ssh\\MyWebApp.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "C:\\Users\\Me\\.ssh\\MyWebApp.pub": bad permissions
[email protected]'s password:
In this stage, I already have at least 2 questions:
- The key has been created in specific user's directory (for example, Me). If so, what "accessible by others" means?
- It was told what private key is unprotected while .pub refers to public one.
Please explain theese moments to excause this topics. Still not understanting above moments, I googled this solution:
Icacls <file name> /Inheritance:r
Icacls <file name> /Grant:r "%Username%":"(R)"
As far as I understood the concept is deny all interations with this keys for all users and the give the permissions to currect users only.
The second command will cause other error; the correct syntax will be:
Icacls <file name> /Grant:r "$Username":"(R)"
Although PowerShell will report about successfull completion, if to try sign in again, "UNPROTECTED PRIVATE KEY FILE!" warning still will be.
The version of Ubuntu in VPS is 20.04.
