AWS Certified Solutions Architect - Associate (SAA-C02)


more permission, less use

Hi, first, thank you for this course. I would like to know why we MUST set chmod 400 on the file. Let's say it's 644, I got this: " Permissions 0644 for ‘Keys/MyKeyPairED25519.pem’ are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. Load key "Keys/MyKeyPairED25519.pem": bad permissions Permission denied (publickey,gssapi-keyex,gssapi-with-mic). "

1 Answer

As per this documentation:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesConnecting.html#troubleshoot-unprotected-key

It is good practice to always set it to 0400, as it gives the minimal required permissions for it to work. This is actually enforced: if it is not adhered to, you will get that specified message.

J Norment

This is enforced by SSH, the Linux way of logging into servers, which is a little out of scope for AWS certs, but it’s useful to know that you would also run into this same situation if permissions aren’t set correctly on the SSH files in a non-AWS environment.
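
An added example, not part of the original thread: a shell sketch of the check behind the "too open" message, where the OpenSSH client refuses a private key if any group or other permission bit is set. The function names (key_mode, key_perms_ok, harden_key) are hypothetical; it goes slightly beyond the thread by showing that 0600 also passes, with 0400 being the minimal mode.

```shell
#!/bin/sh
# Added example (hypothetical helper names): reproduce the permission test the
# ssh client applies to a private key file, i.e. reject if (mode & 077) != 0.

# Print the octal permission bits of a file (GNU stat first, then BSD stat).
key_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Return 0 if the mode is acceptable, 1 if "too open", 2 if not a regular file.
key_perms_ok() {
    [ -f "$1" ] || return 2
    mode=$(key_mode "$1") || return 2
    # The leading 0 makes the shell read the value as octal; 077 masks the
    # group and other bits, which must all be clear.
    [ $(( 0$mode & 077 )) -eq 0 ]
}

# Report the current mode and tighten it to 0400 only when it is too open.
harden_key() {
    rc=0
    key_perms_ok "$1" || rc=$?
    case $rc in
        0) echo "$1: mode $(key_mode "$1") is acceptable" ;;
        1) echo "$1: mode $(key_mode "$1") is too open, setting 0400"
           chmod 400 "$1" ;;
        *) echo "$1: not a regular file" >&2
           return 2 ;;
    esac
}

# Usage: sh check_key.sh Keys/MyKeyPairED25519.pem
if [ $# -gt 0 ]; then
    harden_key "$1"
fi
```

Run against a key with mode 0644, this reports the mode as too open and sets it to 0400; a key already at 0400 or 0600 is left unchanged.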
