When you have...
Permissions 0644 for '~/.ssh/key.pem' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Command this for individual keys
sudo chmod 600 ~/.ssh/key.pem
Command this for the SSH Key folder
sudo chmod 700 ~/.ssh
So what are these random digits?
Each digit represents the access privilege of User, Group, and Other.
7: 4(r) + 2(w) + 1(x) rwx read, write and execute 6: 4(r) + 2(w) rw- read and write 5: 4(r) + 1(x) r-x read and execute 4: 4(r) r-- read only 3: 2(w) + 1(x) -wx write and execute 2: 2(w) -w- write only 1: 1(x) --x execute only 0: 0 --- none
Therefore, chmod 600 means giving read and write access to the user and nothing to any other parties.
Giving 755 means giving full access to the user and read, execute access to any other parties.
Giving 777 🎰 means giving full access to everyone.
Note that Linux SSH manual says:
~/.ssh/: This directory is the default location for all user-specific configuration and authentication information. There is no general requirement to keep the entire contents of this directory secret, but the recommended permissions are read/write/execute for the user and not accessible by others. (Recommends 700)
~/.ssh/id_rsa: Contains the private key for authentication. These files contain sensitive data and should be readable by the user but not accessible by others (read/write/execute). ssh will simply ignore a private key file if it is accessible by others. It is possible to specify a passphrase when generating the key, which will be used to encrypt the sensitive part of this file using 3DES. (Recommends 600)