# Secure the .ssh directory itself (read/write/execute only by the owner)
chmod 700 ~/.ssh

# Secure all private keys (e.g., id_rsa, id_ed25519, id_ecdsa) so they are read/write only by owner
find ~/.ssh -type f \( -name "id_*" ! -name "*.pub" \) -exec chmod 600 {} \;

# Set appropriate permissions for public keys (read/write by owner, readable by others)
find ~/.ssh -type f -name "*.pub" -exec chmod 644 {} \;

# Set secure permissions for common SSH configuration and state files if they exist
[ -f ~/.ssh/config ] && chmod 600 ~/.ssh/config
[ -f ~/.ssh/known_hosts ] && chmod 644 ~/.ssh/known_hosts
[ -f ~/.ssh/authorized_keys ] && chmod 600 ~/.ssh/authorized_keys

# Set the correct owner and group (recursively) to your current user
chown -R "$USER:$USER" ~/.ssh