I was trying to use an ssh instance and I received the following error, which is odd since I tried to change the permission using chmod, but that didn't seem to work as permissions were still 777:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0777 for 'privkey.pem' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "privkey.pem": bad permissions
Permission denied (publickey).

I opened git bash and was able to SSH into my instance with no problem, and permissions were not 777 as well.

3

7 Answers

If you're referencing files in the Windows file system, they do not, by default, retain Linux permissions. However, there's a way to enable that. Edit or create (using sudo) /etc/wsl.conf and add the following:

[automount]
options = "metadata"

Shut down all WSL instances and restart an instance, and any chmod changes are now retained.

8

The correct way to handle this:

1. Create /etc/wsl.conf with the following:

   [automount]
   enabled = true
   root = /mnt/
   options = "metadata,umask=22,fmask=11"

   To understand the meaning of each parameter above, please refer to this article on MSDN

2. Close all WSL terminals and open a new one

3. Restart your machine (as indicated by some comments)

Now you are all set; changing permissions of a file in Windows from /mnt/c/ will be reflected, and mounted, correctly within WSL on startup via the metadata option.

6

Is the private key on your Windows filesystem (under /mnt/)? You can't modify the permissions of files on Windows's filesystem using chmod on Bash on Ubuntu on Windows. You'll have to copy the private key to your WSL home directory (~) and do it there.

Some discussion here:

8

I created an alias that gets loaded in my ~/.bashrc file and allows to unmount/remount the C:/ drive in the /mnt/c/ folder with `"metadata" permissions.

alias win-chmod="cd ~ && sudo umount /mnt/c && sudo mount -t drvfs C: /mnt/c -o metadata && cd -"

This allows me to only enable chmod when I need it, preventing unwanted changes to the mounted file system. It's just a matter of invoking

$ ls -l | grep myfile
-rwxrwxrwx 1 root root 0 Dec 12 16:34 myfile.txt
$ win-chmod
/mnt/c/Users/myself/Documents/myfolder
$ chmod 666 myfile.txt
$ ls -l | grep myfile
-rw-rw-rw- 1 root root 0 Dec 12 16:34 myfile.txt

2

Copy the key file to anywhere in the Linux Sub system then change the permission and connect.

cp /mnt/path/to/key/file /home/$USER/

chmod 400 /home/$USER/key_file_name.pem

1

I would like to add to @basilA's answer, because it's not that easy to create a /etc/wsl.conf file, especially since I kept getting

-bash: /etc/conf.wsl: Permission denied

even if I ran commands with sudo. Anyway, the trick is to change to root user. So from a regular command prompt, type the following commands:

• wsl
• sudo su

cat > /etc/wsl.conf << EOF
[automount]
options = "metadata"
EOF

You cannot give 777 permission to *.pem file

Use chmod 400 filename.pem

it will fixed the issue

in some system you can use chmod 600 filename.pem

2

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password Submit

Post as a guest

Post Your Answer Discard

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy