You are here because you received the following error: "WARNING: UNPROTECTED PRIVATE KEY FILE! Permissions 0644 for '*key*.pem' are too open."


A private key should indeed be very private. In the hands of the wrong person, it could land you in huge trouble.

This is a frequently occurring error when trying to log in to an AWS EC2 instance via SSH using a private key.

Why does this error occur?

By default, the downloaded private key file is readable by all the users on your system (mode 0644 means read and write for the owner, and read access for the group and everyone else). This is a very common occurrence unless you are really nerdy about your security measures. As a result, you are not the only one who has access to the private key.

Therefore, if an attacker gets hold of one of the user accounts in the system or network, they would also be able to gain access to your server via the exposed private key.

How to fix this error?

We need to make the private key accessible only to you, i.e. the owner, so that no other group or user can access it. We can achieve this by simply setting the permission mode of the file to 600 (read and write for the owner, nothing for anyone else).

Steps to perform:

1. Go to the directory in which the private key is stored and open up a terminal.

2. Run the following command. (Replace the file name with yours.)

sudo chmod 600 keyname.pem

3. Run the command to access your EC2 instance to verify the error is resolved. If everything is correct, you will be able to log in successfully.
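The same fix applied to a whole directory of keys, as an added example that is not part of the original article: it finds every .pem file whose mode grants anything to group or others and sets it to 600. The function names and the constructed demo file are assumptions for illustration, and the script assumes you own the files, so no sudo is used.

```shell
#!/bin/sh
# Added example: find private key files that are "too open" and set them to 600.

# Print a file's permission bits in octal (e.g. 644).
# GNU stat is tried first, BSD/macOS stat is the fallback.
key_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Return 0 only when group and others have no permission bits at all
# (mode & 077 == 0). Return 2 when the file cannot be inspected.
key_is_private() {
    mode=$(key_mode "$1") || return 2
    [ $(( 0$mode & 077 )) -eq 0 ]
}

# Tighten every *.pem under a directory that fails the check.
# Prints one line per file changed, so the output doubles as an audit log.
fix_keys() {
    find "$1" -type f -name '*.pem' | while IFS= read -r f; do
        if ! key_is_private "$f"; then
            old=$(key_mode "$f")
            chmod 600 "$f" && printf '%s: %s -> 600\n' "$f" "$old"
        fi
    done
}

# Demo on a constructed file (placeholder content, not a real key).
demo=$(mktemp -d)
printf 'constructed placeholder, not a real key\n' > "$demo/keyname.pem"
chmod 644 "$demo/keyname.pem"   # the state the warning complains about
fix_keys "$demo"                # reports the change for keyname.pem
rm -rf "$demo"
```

To use it on your own keys, call fix_keys with the directory that holds them, for example fix_keys "$HOME/.ssh".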


Conclusion

Ensure that all your private keys are protected by giving read and write permission only to yourself. This is a good practice to maintain going forward.
