Displaying 1 result from an estimated 1 matches for "75afa9d".
2015 Sep 07
1
[PATCH] customize: Create .ssh as 0700 and .ssh/authorized_keys as 0600 (RHBZ#1260778).
...it doesn't exist. *)
let auth_keys = sprintf "%s/authorized_keys" ssh_dir in
if not (g#exists auth_keys) then (
g#touch auth_keys;
- g#chmod 0o644 auth_keys
+ g#chmod 0o600 auth_keys
);
(* Append the key. *)
diff --git a/src/guestfs.pod b/src/guestfs.pod
index 75afa9d..366d6f5 100644
--- a/src/guestfs.pod
+++ b/src/guestfs.pod
@@ -2244,6 +2244,23 @@ allowed a malformed filesystem to take over the appliance.
If you use sVirt to confine qemu, that would thwart some attacks.
+=head2 Permissions of F<.ssh> and F<.ssh/authorized_keys>
+
+L<https:/...