Verify SSH key file permissions

To minimize the possibility of malicious attacks, maintain critical SSH key file permissions on your virtual appliance host machines.
  1. Check the SSH public key files by running the following command:
    # ls -al /etc/ssh/*pub
  2. Verify that the files have the following permissions.
    -rw-r--r-- 1 root root 609 date and time /etc/ssh/ssh_host_dsa_key.pub
    -rw-r--r-- 1 root root 181 date and time /etc/ssh/ssh_host_ecdsa_key.pub
    -rw-r--r-- 1 root root 101 date and time /etc/ssh/ssh_host_ed25519_key.pub
    -rw-r--r-- 1 root root 401 date and time /etc/ssh/ssh_host_rsa_key.pub
  3. Check the SSH private key files by running the following command:
    # ls -al /etc/ssh/*key
  4. Verify that the files have the following permissions.
    -rw------- 1 root root 668 date and time /etc/ssh/ssh_host_dsa_key
    -rw------- 1 root root 227 date and time /etc/ssh/ssh_host_ecdsa_key
    -rw------- 1 root root 411 date and time /etc/ssh/ssh_host_ed25519_key
    -rw------- 1 root root 1679 date and time /etc/ssh/ssh_host_rsa_key
  5. Check the SSH configuration files by running the following command:
    # ls -al /etc/ssh/*config
  6. Verify that the files have the following permissions.
    -rw-r--r-- 1 root root 1914 date and time /etc/ssh/ssh_config
    -rw------- 1 root root 3481 date and time /etc/ssh/sshd_config
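
The six steps above can be combined into one repeatable check. The script below is an added example, not part of the original procedure: the function names `check_mode` and `audit_ssh_perms` are hypothetical, and it assumes GNU `stat` (for the `-c` option).

```shell
#!/bin/sh
# Added example: audit SSH host key and config file permissions against
# the modes listed in the procedure above (644 for *.pub and ssh_config,
# 600 for private keys and sshd_config, owner root:root).

# check_mode FILE MODE OWNER:GROUP -> returns 0 if FILE matches, 1 otherwise
check_mode() {
    file=$1 want_mode=$2 want_owner=$3
    # GNU stat: %a = octal mode, %U:%G = owner and group names
    actual=$(stat -c '%a %U:%G' "$file") || return 1
    if [ "$actual" = "$want_mode $want_owner" ]; then
        echo "OK    $file ($actual)"
    else
        echo "FAIL  $file: found $actual, expected $want_mode $want_owner"
        return 1
    fi
}

# audit_ssh_perms [DIR] [OWNER:GROUP] -> returns 0 only if every file complies
audit_ssh_perms() {
    dir=${1:-/etc/ssh} owner=${2:-root:root} failures=0 checked=0
    # World-readable files: public keys and the client configuration
    for f in "$dir"/*pub "$dir"/ssh_config; do
        [ -e "$f" ] || continue        # glob matched nothing
        checked=$((checked + 1))
        check_mode "$f" 644 "$owner" || failures=$((failures + 1))
    done
    # Owner-only files: private host keys and the daemon configuration
    for f in "$dir"/*key "$dir"/sshd_config; do
        [ -e "$f" ] || continue
        checked=$((checked + 1))
        check_mode "$f" 600 "$owner" || failures=$((failures + 1))
    done
    echo "$checked file(s) checked, $failures out of compliance"
    # An empty directory is treated as a failure, not a silent pass
    [ "$checked" -gt 0 ] && [ "$failures" -eq 0 ]
}

# When run as a script with arguments, audit the given directory,
# for example: sh audit_ssh_perms.sh /etc/ssh
if [ "$#" -gt 0 ]; then
    audit_ssh_perms "$@"
fi
```

The exit status is nonzero when any file deviates, so the script can be run from a scheduled job or a configuration-compliance check.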