bugzilla-daemon at bugzilla.mindrot.org
2010-Jun-21 20:52 UTC
[Bug 1786] New: ssh-copy-id's man page is misleading w.r.t. changing permissions
https://bugzilla.mindrot.org/show_bug.cgi?id=1786
Summary: ssh-copy-id's man page is misleading w.r.t. changing
permissions
Product: Portable OpenSSH
Version: 5.5p1
Platform: All
OS/Version: All
Status: NEW
Severity: minor
Priority: P2
Component: Documentation
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: asguthrie at gmail.com
"It also changes the permissions of the remote user?s home, ~/.ssh, and
~/.ssh/authorized_keys to remove group writability (which would
otherwise prevent you from logging in, if the remote sshd has
StrictModes set in its configuration)."
However, aside from setting an appropriate umask before creating a .ssh
directory (if none exists), it doesn't do this. In particular, if .ssh
exists and is group-writable, then it will remain group-writable,
causing the key to be ignored by sshd if StrictModes is on.
A patch for the man page is attached.
Thanks to Steve Dee for the initial report and patch in Ubuntu (LP:
#156049)
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Jun-21 20:53 UTC
[Bug 1786] ssh-copy-id's man page is misleading w.r.t. changing permissions
https://bugzilla.mindrot.org/show_bug.cgi?id=1786 --- Comment #1 from asguthrie at gmail.com --- Created attachment 1881 --> https://bugzilla.mindrot.org/attachment.cgi?id=1881 ssh-copy-id man page update -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Jun-25 11:22 UTC
[Bug 1786] ssh-copy-id's man page is misleading w.r.t. changing permissions
https://bugzilla.mindrot.org/show_bug.cgi?id=1786
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
Blocks| |1708
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Jul-19 04:00 UTC
[Bug 1786] ssh-copy-id's man page is misleading w.r.t. changing permissions
https://bugzilla.mindrot.org/show_bug.cgi?id=1786
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #1881| |ok?(djm at mindrot.org)
Flags| |
--- Comment #2 from Darren Tucker <dtucker at zip.com.au> ---
Comment on attachment 1881
--> https://bugzilla.mindrot.org/attachment.cgi?id=1881
ssh-copy-id man page update
looks reasonable to me.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Jul-19 04:02 UTC
[Bug 1786] ssh-copy-id's man page is misleading w.r.t. changing permissions
https://bugzilla.mindrot.org/show_bug.cgi?id=1786
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #1881|ok?(djm at mindrot.org) |ok+
Flags| |
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Jul-19 11:25 UTC
[Bug 1786] ssh-copy-id's man page is misleading w.r.t. changing permissions
https://bugzilla.mindrot.org/show_bug.cgi?id=1786
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |dtucker at zip.com.au
Status|NEW |RESOLVED
Resolution| |FIXED
--- Comment #3 from Darren Tucker <dtucker at zip.com.au> ---
patch applied and will be in 5.6p1. Thanks.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Aug-27 00:27 UTC
[Bug 1786] ssh-copy-id's man page is misleading w.r.t. changing permissions
https://bugzilla.mindrot.org/show_bug.cgi?id=1786
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #4 from Darren Tucker <dtucker at zip.com.au> ---
With the release of OpenSSH 5.6p1 this bug is now considered closed.
If you have further problems please reopen or file a new bug as
appropriate.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
Apparently Analagous Threads
- [Bug 1614] New: ssh-copy-id doesn't seem to set correct selinux permissions
- [Bug 1530] New: ssh-copy-id: strip colon from end of hostname
- [Bug 1532] New: SSH ignoring "StrictModes no"
- [Bug 1669] New: ssh-copy-id has options that could be added to MAN page
- [Bug 1740] New: Misleading error message in ssh-keygen