To minimize the possibility of malicious attacks, maintain critical SSH key file permissions on your virtual appliance host machines.

After configuring or updating your SSH configuration, always verify that the following SSH key file permissions do not change.

  • The public host key files located in /etc/ssh/*key.pub are owned by the root user and have permissions set to 0644 (-rw-r--r--).

  • The private host key files located in /etc/ssh/*key are owned by the root user and have permissions set to 0600 (-rw------).