The best practice configuration for the personal .ssh directory is to restrict all access to the corresponding local user. This will be enforced by OpenSSH and any misconfiguration will result in OpenSSH ignoring the .ssh directory contents with a warning.
This PowerShell script automatically repairs the permissions of the .ssh directory and files. It does the following for all items within and including the given .ssh directory:
- Disables inheritance
- Sets ownership to one user
- Removes all permissions
- Grants one user full control
Download and unpack the latest release to your machine.
Open a PowerShell console at the location of the unpacked release and execute the ./repair_ssh_permissions.ps1.
Hint: If you are running into an SeSecurityPrivilege error execute the command with administrator privileges.
Execute the following command to repair the '%USERPROFILE%/.ssh' directory (and all items within) for the current Windows user.
.\repair_ssh_permissions.ps1Note
The script will automatically elevate itself to administrator privileges.
Execute the following command with to repair a specific directory for a specific local Windows user.
.\repair_ssh_permissions.ps1 -path "X:\unsual\path\to\.ssh" -user "John Doe"Execute the following command to get detailed help.
Get-Help .\repair_ssh_permissions.ps1 -detailed