Question
Permissions changed in the /root/.ssh directory changed. What are the correct permissions for this folder?
Answer
Please note if any file or directory within /root has its permissions or ownership changed without your knowledge, this could indicate a security concern. Changes should be avoided until you have performed a security review to confirm if a compromise has occurred. Making permissions or ownership changes could remove information necessary to determine how or when a compromise happened.
Default permissions for the /root/.ssh are 700, /root/.ssh/authorized_keys file should be 600, and the owner and group of these should both be root.
Permissions on the parent directory /root could also cause issues with the SSH service. The directory /root should have the permissions of 550.
You can confirm the permissions of a file using the stat command:
[root@server ~]# stat --printf 'File:%n User:%U Group: %G Permissions: %a\n' /root/ /root/.ssh/ /root/.ssh/authorized_keys
File:/root/ User:root Group: root Permissions: 550
File:/root/.ssh/ User:root Group: root Permissions: 700
File:/root/.ssh/authorized_keys User:root Group: root Permissions: 600