Fixing SSH "UNPROTECTED PRIVATE KEY FILE" Error in WSL: How I Solved the Permission Issue

While setting up SSH access to a remote server using an AWS key pair, I ran into an annoying issue that took me some time to figure out. I thought I'd share my experience in case someone else faces the same problem.

The Error

When I tried to connect using my private key, I got this error:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0777 for 'my-key.pem' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "my-key.pem": bad permissions
ubuntu@44.206.111.85: Permission denied (publickey).

At first, I wasn't sure what was wrong, but after a bit of research, I realized that SSH refuses to use a private key if its permissions are too open.

How I Fixed It

Step 1: Check File Permissions

I ran the following command to check the permissions of my private key file:

ls -l my-key.pem

This showed:

-rwxrwxrwx 1 abhishek abhishek 1678 Mar 25 19:53 my-key.pem

Clearly, the file had too many permissions, meaning it was readable, writable, and executable by everyone. SSH doesn't like that.

Step 2: Restrict Permissions

To fix this, I ran:

chmod 600 my-key.pem

Then, I checked the permissions again:

ls -l my-key.pem

Now, it looked like this:

-rw------- 1 abhishek abhishek 1678 Mar 25 19:53 my-key.pem

Much better! Now only I had read and write access to the file.

Step 3: Ensure Correct File Ownership

Just to be sure, I checked the file ownership:

ls -l my-key.pem

And ran this command to make sure I was the owner:

chown $(whoami):$(whoami) my-key.pem

Step 4: Move the Key to a Secure Location

Since SSH keys should be stored securely, I decided to move it inside my ~/.ssh directory:

mkdir -p ~/.ssh
mv my-key.pem ~/.ssh/
chmod 600 ~/.ssh/my-key.pem

Step 5: Try SSH Again

After that, I tried connecting again:

ssh -i ~/.ssh/my-key.pem ubuntu@44.206.238.85

And this time, it worked perfectly! 🎉

Extra Debugging Tip

If you're still running into issues, running SSH in verbose mode can help:

ssh -i my-key.pem ubuntu@44.206.238.85 -v

This will give you more details about what's going wrong.

Final Thoughts

This issue was frustrating at first, but the fix was actually pretty simple. If you ever run into the "UNPROTECTED PRIVATE KEY FILE!" error, just remember:

• Set the correct permissions (chmod 600 filename.pem)

• Ensure the correct file ownership (chown $(whoami):$(whoami) filename.pem)

• Store your key securely (~/.ssh/ is a good place)

Hope this helps someone out there!