JD Cole wrote:> I would like to suggest a change in the ssh documentation for the use > of authorized_keys. The man page states: > > This file is not highly sensitive, but the recommended permissions are > read/write for the user, and not accessible by others. > > I'm may be knit picking, but it could be read that, while not > recommended, it is possible to allow access to the authorized_keys file > to other users. It seems that this is not the case as an athorized_keys > file with group write permissions cause ssh to fall back on manual login.That actually depends on the setting of StrictModes in sshd_config. -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
Howdy,
I would like to suggest a change in the ssh documentation for the
use of authorized_keys. The man page states:
This file is not highly sensitive, but the recommended permissions are
read/write for the user, and not accessible by others.
I'm may be knit picking, but it could be read that, while not
recommended, it is possible to allow access to the authorized_keys file
to other users. It seems that this is not the case as an athorized_keys
file with group write permissions cause ssh to fall back on manual login.
How about:
This file is not highly sensitive, but ssh requires that the file is
only writable by the user.
Please correct me if I am mistaken,
JD