how to have ssh not disable local security policy?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



It seems something changed (maybe I'm missing a patch)
to turn off this message:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0650 for '/root/.ssh/id_rsa' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.

It isn't.  The other permissions are controlled by the right
most digit which is 0.  Each user -- including root,
is in their own group, so allowing groups access to
be the same as user access is policy.

By forcing this protection on my setup, I can't
have the same home directory for my local and domain
users even though they are the same on the server.

But on the win-machine with home mounted directories,
it messes things up and people have to come up with
insecure work-arounds.  Group permissions != "others".

I did set the strictmodes to 'no', in the sshd_config
file... but I don't see a similar parameter in the
ssh file.  Am I missing something?

Thanks!

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux