openssh unix dev - Feb 2002 - Is there a way to tell the sshd to ignore the security check on t he user's home permissions?

Is there a way to tell the sshd to ignore the security check on the user's
home permissions?


debug3: secure_filename: checking '/ftpdata/pxdata/pold/data/.ssh'
debug3: secure_filename: checking '/ftpdata/pxdata/pold/data'
Authentication refused: bad ownership or modes for directory
/ftpdata/pxdata/fold/data
debug1: restore_uid
debug2: userauth_pubkey: authenticated 0 pkalg ssh-dss
Failed publickey for bold from 3.72.144.164 port 1201 ssh2
Authentication refused: bad ownership or modes for directory

I believe that you can set the StrictModes option to 'no' in the
sshd_config file and this will skip the security check.  This is strongly
discouraged however, as it is a security risk.  Even if StrictModes is set
enabled, you can defeat it by compiling sshd with the
--enable-group-writeability flag which makes group writable files
acceptable to StrictModes (if this is in fact what you want).  A note,
sshd does not check ACL's so you might use this avenue to accomplish what
you want.  Hope this helps.

Matt Studley
American Mathematical Society
UNIX Sys Admin        		  "Quantum Mechanics -
mjs at ams.org			  	The dreams that stuff is made of"

On Wed, 20 Feb 2002 william.hahn at ps.ge.com wrote:
> Is there a way to tell the sshd to ignore the security check on the
user's
> home permissions?
>
>
> debug3: secure_filename: checking '/ftpdata/pxdata/pold/data/.ssh'
> debug3: secure_filename: checking '/ftpdata/pxdata/pold/data'
> Authentication refused: bad ownership or modes for directory
> /ftpdata/pxdata/fold/data
> debug1: restore_uid
> debug2: userauth_pubkey: authenticated 0 pkalg ssh-dss
> Failed publickey for bold from 3.72.144.164 port 1201 ssh2
> Authentication refused: bad ownership or modes for directory
> _______________________________________________
> openssh-unix-dev at mindrot.org mailing list
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>