SSH Workbench

chmod Calculator

Toggle permissions visually to get the octal number, symbolic notation, and ready-to-paste chmod command.

Client-side only — nothing leaves your browser

Type any value 000-7777 to decode it

rwxr-xr-x

As shown by ls -l

WhoRead (r=4)Write (w=2)Execute (x=1)
Owner
u — the file's owner
Group
g — members of the file's group
Other
o — everyone else
Special bits (setuid, setgid, sticky)

Target file or directory

Numeric (octal)

chmod 755 file.sh

Symbolic

chmod u=rwx,g=rx,o=rx file.sh

Recursive (for directories)

chmod -R 755 file.sh

What is chmod?

chmod (short for "change mode") is the Unix/Linux command that sets file and directory permissions. Every file on a Linux or macOS system has three permission groups — owner, group, and other — and each group has three permissions: read (r), write (w), and execute (x). chmod lets you toggle any combination using either numeric (octal) notation like 755 or symbolic notation like u+x. This calculator translates between the two so you can see exactly what each value means before running the command on your server.

How chmod Numbers Work

Each digit in a chmod number is the sum of three permission bits. Add them together to get the digit for that scope:

NumberPermissionSymbol
4Readr
2Writew
1Executex
0No permission-

So 755 means owner gets 4+2+1=7 (rwx), group gets 4+0+1=5 (r-x), and other gets 4+0+1=5 (r-x) — written as rwxr-xr-x. The three digits are always in the order owner-group-other.

chmod Cheat Sheet

The chmod values you'll actually use day to day:

OctalSymbolicTypical Use
777rwxrwxrwxFull access for everyone (avoid on shared servers)
755rwxr-xr-xExecutable scripts and directories — owner full, others read+execute
750rwxr-x---Group-shared executable — no access for others
744rwxr--r--Owner full, group and others read-only
700rwx------Private executable — only the owner can do anything
644rw-r--r--Standard files — owner can edit, everyone can read
640rw-r-----Owner edits, group reads, others locked out
600rw-------Private files — SSH config, ~/.ssh/authorized_keys
400r--------Read-only private key — required for ~/.ssh/id_rsa

Symbolic chmod Reference

You can also write chmod with letters instead of numbers. Combine a scope (u/g/o/a), an operator (+/-/=), and a permission (r/w/x):

CommandMeaning
chmod u+x fileAdd execute permission for the owner
chmod g-w fileRemove write permission for the group
chmod o=r fileSet other to read-only (clears w and x)
chmod a+r fileAdd read permission for all (a = ugo)
chmod -R 755 dirRecursively apply 755 to a directory tree
chmod +x script.shShorthand to make a script executable

Frequently Asked Questions

What does chmod stand for?
chmod is short for "change mode" — the Unix command that changes the mode (permission bits) of a file or directory. It first appeared in AT&T Unix in the early 1970s and remains the standard way to set file permissions on Linux, macOS, BSD, and any other POSIX-compliant operating system. The related command chown changes the owner, and chgrp changes the group.
What is the difference between chmod 755 and chmod 777?
Both give the owner full read, write, and execute permissions. The difference is what the group and other (everyone else) can do. With 755 (rwxr-xr-x), the group and other can read and execute but cannot modify the file — this is the safe default for scripts, web files, and directories. With 777 (rwxrwxrwx), anyone on the system can read, modify, or replace the file, which is almost never what you want. Use 755 for executables and 644 for regular files; 777 should be a red flag in code reviews.
What chmod should I use for an SSH key?
Private SSH keys (~/.ssh/id_rsa, ~/.ssh/id_ed25519) require chmod 600 — read and write for the owner only. Some users prefer chmod 400 to make the key read-only and prevent accidental edits. The ~/.ssh directory itself should be chmod 700, and authorized_keys should be chmod 600. If permissions are looser than this, SSH will refuse to use the key with a "permissions are too open" warning. Public keys (.pub files) can safely be chmod 644.
How do I chmod a directory recursively?
Use the -R (recursive) flag: chmod -R 755 mydir applies 755 to the directory and everything inside it. Be careful with recursive chmod on directories that mix files and subdirectories — files usually need 644 while directories need 755 (because 'execute' on a directory means 'list contents'). A common idiom is: find mydir -type d -exec chmod 755 {} \; and find mydir -type f -exec chmod 644 {} \; to set them independently.
Why is chmod 777 dangerous?
chmod 777 grants read, write, and execute permission to every user on the system — including the web server, other unprivileged accounts, and (on shared hosts) other tenants. Anyone who lands a shell on the box can modify the file, replace it with a malicious version, or execute it. For web applications, 777 on a directory means an attacker who can upload a file can also run it as a script. The fix is almost always to set the file's owner correctly with chown, then use 755 or 644.

Related Tools

htpasswd Generator

Generate htpasswd entries for Apache, Nginx, and Traefik basic auth. bcrypt, apr1, MD5, and SHA-1.

SSL Checker

Check SSL/TLS certificate validity, expiry, chain, and issuer for any domain. Color-coded expiry warnings.

Certificate Decoder

Decode X.509 PEM certificates. View subject, issuer, validity, SANs, key usage, and SHA fingerprints.

Cron Generator

Generate, validate, and translate cron expressions. Visual cron builder with human-readable descriptions.

Cron to systemd Timer

Convert cron expressions to systemd .service and .timer files with OnCalendar syntax.

Need to manage SSH connections?

SSH Workbench lets you connect, browse files, and manage servers visually.

Try SSH Workbench Free