13

I recently messed around with the .ssh directory. Made some permission changes, I think and now it won't let me access it anymore. I can access it as the root user (sudo -i) but not as user1

I get permission denied when listing or cding into .ssh even though it shows the files

ls: cannot access /home/user1/.ssh/amazon.pem: Permission denied
ls: cannot access /home/user1/.ssh/id_rsa: Permission denied
ls: cannot access /home/user1/.ssh/known_hosts: Permission denied
ls: cannot access /home/user1/.ssh/id_rsa.pub: Permission denied
total 0
-????????? ? ? ? ?            ? amazon.pem
-????????? ? ? ? ?            ? id_rsa
-????????? ? ? ? ?            ? id_rsa.pub
-????????? ? ? ? ?            ? known_hosts

Logging in as root and ls gives following results

# ls -l /home/user1/ -a |grep ssh
drw-rw-rw-  2 user1 user1 4096 Aug 27 15:45 .ssh

Even the files inside are .ssh are owned by user1:user1 and chm

-rw-rw-rw- 1 user1 user1 1692 Aug 27 15:45 amazon.pem
-rw-rw-rw- 1 user1 user1 1675 Aug 25 20:01 id_rsa
SoWhat
  • 250
  • 1
  • 3
  • 13

2 Answers2

28

Steeldriver is right. On directory you need also x access flag to be able to list files inside.

Fixing the directory using chmod 700 ~/.ssh should help you to get into this (correct) state:

$ ls -ld ~/.ssh
drwx------. 2 user user 4096 Aug 26 10:37 /home/user/.ssh

Also you should fix your keys using chmod 600 ~/.ssh/id_rsa and chmod 644 ~/.ssh/*.pub to get this:

$ ls -l ~/.ssh/
-rw-------. 1 user user  1766 Mar  7  2014 id_rsa
-rw-r--r--. 1 user user   415 Mar  7  2014 id_rsa.pub
Jakuje
  • 6,793
-2

When you run command ls -l on any directory the first column is the permission column which is interpreted as follows:

1-------------2 3 4-------5 6 7-------8 9 10

(TYPE)----(user)-----(group)----(others)

TYPE : If '-', it is a file. If 'd' it is a directory.

Permissions: read: 4, write: 2, execute: 1

So for read, write and execute your permissions will be 7 in user group.

You can use 

sudo chmod 7 6 6 file_name

or 

sudo chmod -R u+x /home/somesh/.ssh

-R – this modifies the permission of the parent folder and the child objects within

Dhaval Simaria
  • 825