Last active
July 3, 2024 15:43
-
-
Save jcefoli/f0d4486ccbb77431ee5c5df6c4734128 to your computer and use it in GitHub Desktop.
Fix OpenSSH private key permissions on Windows (Solves Windows SSH: Permissions for 'private-key' are too open)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
param ( | |
[Parameter(Mandatory=$true)] | |
[string]$privateKeyFilePath | |
) | |
# Remove inheritance from the private key file to prevent inheriting permissions from parent directories | |
. icacls $privateKeyFilePath /c /t /Inheritance:d | |
# Grant full control to the current user for keys within the user profile directory | |
. icacls $privateKeyFilePath /c /t /Grant ${env:UserName}:F | |
# If the private key is outside the user profile directory, take ownership and grant full control | |
. takeown /F $privateKeyFilePath | |
. icacls $privateKeyFilePath /c /t /Grant:r ${env:UserName}:F | |
# Remove all users' permissions except for the owner (current user) | |
. icacls $privateKeyFilePath /c /t /Remove:g Administrator "Authenticated Users" BUILTIN\Administrators BUILTIN Everyone System Users | |
# Verify and display the current permissions on the private key file | |
. icacls $privateKeyFilePath | |
# Remove the variable holding the private key path to clear sensitive information | |
Remove-Variable -Name privateKeyFilePath |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment