On 15 November 2015 at 09:55, Alon Bar-Lev <alon.barlev@xxxxxxxxx> wrote: > > Hi, > > Working with apache-sshd I found that it forces ~/.ssh/config to be > owned by user without group/others permissions. It failed for me > within my valid openssh environment. > > Within sources (readconf.c::read_config_file), I found that openssh > only enforces ownership by user and not group/others write. > > When I opened an issue, I was referred to this[1] wiki page (not sure > who maintain it) claiming that: > """ > This file must not be accessible to other users in any way. Set strict > permissions: read/write for the user, and not accessible by others. It > may group-writable if and only if that user is the only member of the > group in question. > """ > > Personally, I prefer the sources as a reference, but as this wiki page > is source for information for some, and find no reason why this file > is sensitive for read. > > I would like to know what is the expected behaviour. Hi! Anyone knows what is the expected behaviour? Thanks! > > Regards, > Alon Bar-Lev. > > [1] https://en.wikibooks.org/wiki/OpenSSH/Client_Configuration_Files#.7E.2F.ssh.2Fconfig _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev