openssh windows bad owner or permissions
WindowsFile PermissionsOpensshWindows Problem Overview
I've installed openssh for windows and when I run ssh localhost
I get
> Bad owner or permissions on C:\Users\gary/.ssh/config
I've looked at these 2 questions https://superuser.com/questions/348694/bad-owner-or-permissions-error-using-cygwins-ssh-exe and https://serverfault.com/questions/253313/ssh-returns-bad-owner-or-permissions-on-ssh-config but none of the answers work for me. sshd is running as a service as the Local System user. I've run chmod 0600 C:\Users\gary\.ssh\config
and chown gary C:\Users\gary\.ssh\config
. I've also cleared the ACL by running setfacl -b C:\Users\gary\.ssh\config
and then chmod 0600 C:\Users\gary\.ssh\config
again. I've also tried changing the owner to SYSTEM and got the same error.
I'm not sure what else to do, is there anything wrong with my setup? I also have git installed which installed mingw, I deleted ssh and sshd from my git installation so they wouldn't be on my path.
Other commands I've run are
icacls "C:\Users\gary\.ssh\config" /setowner gary
chown -R gary:1049089 C:\Users\gary\.ssh
ls -la C:\Users\gary\.ssh\config
shows
>-rw-r--r-- 1 gary 1049089 229 Jan 3 14:43 'C:\Users\gary.ssh\config'
it keeps showing this even after changing the owner to SYSTEM, but in the file properties in file explorer it shows SYSTEM as the owner
Windows Solutions
Solution 1 - Windows
This started popping up immediately after I created another user with Administrator privileges, and that account began inheriting access to my .ssh folder.
You do not need to change your permissions whatsoever.
Just go to .ssh, right-click Properties, Security Tab, Advanced. DISABLE INHERITANCE, then click on the Administrator user (the one that is not you) and Remove them. Apply. Done.
Solution 2 - Windows
Use ssh client from Git instead of Windows inbuilt SSH client. E.g. set VS Code to use C:\Program Files\Git\usr\bin\ssh.exe instead of C:\Windows\System32\OpenSSH\ssh.exe.
Steps:
- In VS Code navigated to [File] -> [Preferences] -> [Settings] -> Search remote.ssh.path
- Input C:\Program Files\Git\usr\bin\ssh.exe
Alternatively:
- Update PATH environment variable to point to Git bin before Windows System32.
- Type "env" in Start bar to edit System (or account) environment variables.
- Select Path and hit edit.
- Add C:\Program Files\Git\usr\bin\ssh.exe to the list and move it to the top of the list.
Solution 3 - Windows
Just got same issue after re-install windows. And easily fixed just by changing the file permissions to
SYSTEM & Administrators - Full Control
[your username] - Modify & as Owner
Note:
-
I'm still using Windows 10 built-in SSH client
C:\Windows\System32\OpenSSH\ssh.exe
& not using cygwin at all
Solution 4 - Windows
For those still struggling with this, check this out: https://github.com/PowerShell/openssh-portable/pull/418. This was the case for me. It turns out that your computer should be named differently from your username... 路♂️ It will probably be fixed soon in future updates, because fix got into commit.
So again: if your computer name is the same as your username and you still haven't fixed this issue with permissions dialog, then probably renaming your computer could help.
Solution 5 - Windows
I'm not sure what version of Windows you're running, but since this is recent I'd guess Windows 10. I recently found out that an OpenSSH client is installed by default as of the April 2018 update. I then found I had two instances of OpenSSH: the one I installed myself and the one Windows gave me. Uninstalling the one I had installed caused the error message you describe.
The solution that worked for me was to remove the user-installed OpenSSH as well as the C:\Users\username\.ssh
folder, and let Windows 10 OpenSSH create the folder when you run the command the next time. I didn't have any configuration I was worried about losing, but if you do I'd suggest copying and pasting the contents of the files somewhere and recovering them afterwards.
Hope this helps!
Solution 6 - Windows
On windows server this is due to permission problem. Need to remove access to other users for the following folders
.ssh - folder
Right click on this folder -> Select "Give access to" - > Click on "Remove Access" Right click on this folder -> Select "properties" - > "Securities" - > Click on "Edit Permissions" - Remove other users except the ID you are logged in.
Repeat the same process for the folder under which you have .pem file. (Note: Keep .pem file in a separate folder)
Solution 7 - Windows
Use FixUserFilePermissions.ps1 to fix permissions of client side files - keys and config files of current user.
git clone [email protected]:PowerShell/openssh-portable.git cd openssh-portable/contrib/win32/openssh .\FixUserFilePermissions.ps1 -Confirm:$false
Solution 8 - Windows
Instead of using the properties box, you can use the one liner:
icacls .ssh /grant:r <yourUserName>:f /inheritance:r
/grant:r username:f
-> grant and overwrite permissions, giving full permissions to username
/inheritance:r
-> remove inherited permissions
Keep known_hosts writable with
icacls .ssh/known_hosts /grant:rw <username>:f /inheritance:r
Solution 9 - Windows
Having the exact same issue today, this is how I solved it:
Solution 10 - Windows
For anyone, who still has troubles after applying the owner + modify (plus full control for admins): it did not work for me. Then I saw a solution to remove all other users (incl all admins), which did not help either.
This worked for me:
- leave System and Administrators in place, with full control, as suggested above
- leave the user itself in place, as owner, with modify, as suggested above
- however, remove any other user or group. You probably need to go to advanced first, to disable inheritance of rights
after I removed an administrative user who was added by Windows after entering my folder (by passing through the UAC box), it worked for me again.
Hope this helps for anyone who encounters this specific issue :-)
Solution 11 - Windows
If User is in Administrative group just keep configuration in c:\programdata\ssh\ssh_config instead %USERPROFILE%.ssh\config, will work
Solution 12 - Windows
after disabling inheritance, make sure you add your current user, else u cannot edit the file
Solution 13 - Windows
For me it was fixed by running chmod 0644 config under ~/.ssh/. Earlier it was set to 755 which was causing "Bad owner or permissions on /home/home/.ssh/config"
Solution 14 - Windows
I tried all the solutions above, and sadly still can't fix this issue. I'm pretty sure the permission of my ssh config is correct, this has been verified by the Explore GUI and the Get-Acl commands.
Then I finally find a way to solve it:
delete the entire .ssh
folder and then open powershell and type ssh localhost
. It will create a new .ssh
folder for you, then you can apply the above permission tweaks(for me I only did one thing: disable inheritance).
So if other solutions doesn't work for you, maybe you can try this. Hope it's helpful.
PS: don't forget to backup your old .ssh
folder before deleting it.
Solution 15 - Windows
I was having this problem, and no amount of changing permissions or disabling inheritance on the config file would fix it. It turned out that it did not like my computer name and user name being the same, so I re-named my computer, allowed open ssh to re-create the config file, and the permissions are now correct. That was probably a bad idea to begin with, tbh.
Solution 16 - Windows
After a domain change over, I started having this same problem. Went through all of the suggestions listed and nothing worked, including both chmod and chown solutions.
I ended up fixing the problem by copying the folder, pasting it, deleting the original, and then renaming it back to .ssh.
Solution 17 - Windows
The problem seems from the files are owned/has-permission for more than one user.
1- Go to your ./ssh folder and for both config
& id_rsa
files. From the properties -> Security -> Advanced:
2- Make sure that the user that you are logged in with IS the only user there.
Solution 18 - Windows
No group change or whatever,the first answer is right.Change to git ssh.exe How?
- uninstall win10's openssh in Settings
- add path of git's ssh.exe to your
Path
Solution 19 - Windows
For me it was fixed by running chmod 0644 config under ~/.ssh/ when running WSL.
Solution 20 - Windows
- Rename the config file to something like config2
- Open this file with notepad
- Save As config (original name)
This worked for me.
Solution 21 - Windows
I guess it was caused by the wrong path expression.
> Bad owner or permissions on C:\Users\gary/.ssh/config
The /.ssh
should be \.ssh
. So I try to use git bash (the terminal tool when install git in Windows system) to run ssh
command. It really works. But I don't really know if it is caused by the reason I guessed.
Solution 22 - Windows
I deleted C:\Users\user/.ssh/config
and reran my stuff, then it worked.
However, if you have something valuable there, make a backup first, just in case!
Solution 23 - Windows
Hi guys after a troubleshoot for a day I found that this "m.. f.." config file should not stand in the .ssh/ path.
For VSCODE just set the config in 'C:\ProgrmaData\ssh\ssh_config' path as proposed in the second choice of the palette command, and forget .shh path for this configuration.
That worked fine for me.
Nota: there was also a known_host file also created here with strange VM names inside, I deleted also this file. and that helps