Unable to change file permissions on Ubuntu Bash for Windows 10

Question

I was trying to use an ssh instance and I received the following error, which is odd since I tried to change the permission using chmod, but that didn't seem to work as permissions were still 777:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0777 for 'privkey.pem' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "privkey.pem": bad permissions
Permission denied (publickey).

I opened git bash and was able to SSH into my instance with no problem, and permissions were not 777 as well.

Answer 1

If you're referencing files in the Windows file system, they do not, by default, retain Linux permissions. However, there's a way to enable that. Edit or create (using sudo) /etc/wsl.conf and add the following:

[automount]
options = "metadata"

Shut down all WSL instances and restart an instance, and any chmod changes are now retained.

Answer 2

The correct way to handle this:

1. Create /etc/wsl.conf with the following:

   [automount]
   enabled  = true
   root     = /mnt/
   options  = "metadata,umask=22,fmask=11"
   

   To understand the meaning of each parameter above, please refer to this article on MSDN

2. Close all WSL terminals and open a new one

3. Restart your machine (as indicated by some comments)

Now you are all set; changing permissions of a file in Windows from /mnt/c/ will be reflected, and mounted, correctly within WSL on startup via the metadata option.

Answer 3

Is the private key on your Windows filesystem (under /mnt/)? You can't modify the permissions of files on Windows's filesystem using chmod on Bash on Ubuntu on Windows. You'll have to copy the private key to your WSL home directory (~) and do it there.

Some discussion here: https://github.com/Microsoft/WSL/issues/81

Answer 4

I created an alias that gets loaded in my ~/.bashrc file and allows to unmount/remount the C:/ drive in the /mnt/c/ folder with `"metadata" permissions.

alias win-chmod="cd ~ && sudo umount /mnt/c && sudo mount -t drvfs C: /mnt/c -o metadata && cd -"

This allows me to only enable chmod when I need it, preventing unwanted changes to the mounted file system. It's just a matter of invoking

$ ls -l | grep myfile
-rwxrwxrwx 1 root root          0 Dec 12 16:34 myfile.txt
$ win-chmod
/mnt/c/Users/myself/Documents/myfolder
$ chmod 666 myfile.txt
$ ls -l | grep myfile
-rw-rw-rw- 1 root root          0 Dec 12 16:34 myfile.txt

Answer 5

I would like to add to @basilA's answer, because it's not that easy to create a /etc/wsl.conf file, especially since I kept getting:

-bash: /etc/conf.wsl: Permission denied

even if I ran commands with sudo. Anyway, the trick is to change to the root user.

So, from a regular command prompt, type the following commands:

• wsl
• sudo su

• cat > /etc/wsl.conf << EOF
  [automount]
  options = "metadata"
  EOF
  

Answer 6

Copy the key file to anywhere in the Linux Sub system then change the permission and connect.

cp /mnt/path/to/key/file /home/$USER/

chmod 400 /home/$USER/key_file_name.pem

Answer 7

I had the issue that my files were stored on an external hard drive which happend to be formated in exFAT. Well you cannot change permissions for files on any FAT and if you try it may end in weird results. So you have to copy your files to a hard drive formated in NTFS and try again. (btw: there is also no security tab in the file properties on FAT)

Answer 8

NONE of those answers worked for me but

1. opening a Windows PowerShell Terminal with Administration rights and then
2. opening an Ubuntu tab and
3. executing chmod 666 /path/to/the/file/I/want (feel free to change permissions number)

did the trick

(1. right-click, 2. right-click, 3. left-click)

good luck with this annoying issue, hope this will fix it

Answer 9

You cannot give 777 permission to *.pem file

Use chmod 400 filename.pem

it will fixed the issue

in some system you can use chmod 600 filename.pem