Share via

Setting Permissions for SSH Key

Reprobus R 21 Reputation points
2026-02-03T14:46:51.3433333+00:00

I've been searching for this answer on this question. When logging into SSH in bash it searches my local key in Windows but although I can connect using a password, I want to remove the permissions denied error when SSH does the verification of the local key as a standard user.

Therefore what security settings for the SSH key must be set in Windows ? I have disabled inheritance but it doesn't solve the problem.

Windows for home | Windows 10 | Security and privacy
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Thomas4-N 16,130 Reputation points Microsoft External Staff Moderator
    2026-02-27T13:25:48.0633333+00:00

    Hello Reprobus R, welcome to Microsoft Q&A forum.

    The C:\ProgramData\ssh\administrators_authorized_keys path mentioned earlier only applies to administrator accounts, not standard users. The "permission denied" error for standard users is usually due to private key file permissions. Here's the fix:

    • Open PowerShell as Administrator
    • Set permissions on your private key (not authorized_keys):

    icacls "C:\Users\YourUsername\.ssh\id_rsa" /inheritance:r

    icacls "C:\Users\YourUsername\.ssh\id_rsa" /grant:r "YourUsername:(R)"

    • Remove other groups if present:

    icacls "C:\Users\YourUsername\.ssh\id_rsa" /remove "Authenticated Users" "Users" "Everyone"

    • Restart SSH service:

    Restart-Service sshd

    The key should now only be readable by your account.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".  

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread. 

    Was this answer helpful?

    1 person found this answer helpful.

  2. AI answer

    2026-02-03T14:46:59.87+00:00

    To set the correct permissions for your SSH key on Windows, you need to ensure that the authorized_keys file has the appropriate permissions. Here are the steps to follow:

    1. Ensure the authorized_keys file exists:
      The file should be located at C:\ProgramData\ssh\administrators_authorized_keys for administrator accounts.
    2. Set the correct file permissions:
      You need to grant write permissions only to the Administrators group. You can do this by running the following command in an elevated PowerShell prompt: 
         icacls.exe "C:\ProgramData\ssh\administrators_authorized_keys" /inheritance:r /grant "Administrators:F"
      This command removes inheritance and grants full control to the Administrators group.
    3. Restart the OpenSSH service:
      After setting the permissions, restart the OpenSSH service to apply the changes: 
         net stop sshd 
   net start sshd

    By following these steps, you should be able to resolve the "Permission denied" error when SSH attempts to verify your local key.

    AI-generated content may be incorrect. Read our transparency notes for more information.

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.