SSH, or Secure Shell, is a network protocol that allows one device to securely connect to another remote device. The SSH protocol includes both a server and a client in order to provide the capability to connect from and connect to a remote device.
SSH client files are stored in a folder named .ssh, which is found in the home directory (~) of each user who uses SSH. This folder is not created by default, but is created if a remote host attempts to connect to the local device, or when ssh-keygen is run.
Here is an example file structure of the ~/.ssh folder.
|- ~
|--- .ssh/
|----- config
|----- known_hosts
|----- authorized_keys
|----- id_rsa
|----- id_rsa.pub
In order for the SSH service to use the files contained in ~/.ssh, you must ensure that the file permissions and file ownership are set properly. If these files are given too many permissions, SSH won’t allow you to use them. Let’s review the proper permissions for the example file structure above.
File/Folder | Permission (rwx) | Permission (###) |
---|---|---|
~/.ssh | drwx------ | 0700 |
config** | -rw------- | 0600 |
known_hosts | -rw------- | 0600 |
authorized_keys | -rw------- | 0600 |
id_rsa** | -rw------- | 0600 |
id_rsa.pub | -rw-r--r-- | 0644 |
** The permissions on the config file, and on identity files containing private keys, are mandatory.
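The table can be turned into an audit. The script below is an added example, not part of the original page: it treats each value in the table as the most permissive mode allowed, so a stricter mode such as 0400 on a private key passes, and it reports any extra permission bit. The function names are hypothetical, it assumes GNU coreutils `stat`, and it assumes every path should be owned by the user running the audit.

```shell
#!/bin/sh
# Added example. Assumes GNU coreutils stat (-c); function names are hypothetical.

# Most permissive mode the table allows for a file name; empty if not listed.
max_mode() {
    case "$1" in
        *.pub) echo 644 ;;
        config|known_hosts|authorized_keys|id_*) echo 600 ;;
        *) echo "" ;;
    esac
}

# Print a line if the path has permission bits beyond max or a foreign owner.
# Returns 1 when something was reported, 0 otherwise.
check_path() {
    path=$1 max=$2 rc=0
    mode=$(stat -c '%a' "$path") || return 1
    # Octal arithmetic: any bit set in mode but not in max is an excess bit.
    if [ $(( 0$mode & ~0$max & 07777 )) -ne 0 ]; then
        echo "$path: mode $mode exceeds $max"
        rc=1
    fi
    # Assumption: the path should belong to the user running the audit.
    if [ "$(stat -c '%u' "$path")" != "$(id -u)" ]; then
        echo "$path: not owned by uid $(id -u)"
        rc=1
    fi
    return "$rc"
}

# Audit an SSH client directory; returns 0 if clean, 1 if anything was reported.
audit_ssh_dir() {
    dir=$1 found=0
    check_path "$dir" 700 || found=1
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        max=$(max_mode "$(basename "$f")")
        [ -n "$max" ] || continue    # file not covered by the table
        check_path "$f" "$max" || found=1
    done
    return "$found"
}
```

Source the file and run `audit_ssh_dir "$HOME/.ssh"`; each reported line can then be corrected with `chmod` using the value from the table.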