Network Security: Detailed info on Re: Permissions on .ssh files Please.

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Secure-Shell

[Top] [All Lists]

Re: Permissions on .ssh files Please.

from [Greg Wooledge] Network Security

[Permanent Link]

Subject:	Re: Permissions on .ssh files Please.
Date:	Tue, 26 Sep 2006 07:51:02 -0400

On Mon, Sep 25, 2006 at 11:02:42PM -0600, Reg Clemens wrote:

I know I have a listing somewhere that shows what the permissions should be
on the files in $HOME/.ssh , but cant find it for the life of me.


It's not just that ONE file!

Every single directory in the entire path leading up to ~/.ssh, as well
as the authorized_keys file therein, must NOT have group or world write
permission.

  ls -ld / /home /home/you /home/you/.ssh /home/you/.ssh/authorized_keys

If any one of the directories or the file in the output of that command
have group or world write permission (e.g., drwxrwxr-x) then sshd will
refuse to acknowledge the authorized_keys file.

Many Linux distributions include some sort of group-writable /home
directory.  This is a frequent cause of problems.  People who ONLY
look at ~/.ssh won't understand why their public key auth is failing.

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Permissions on .ssh files Please., Reg Clemens RE: Permissions on .ssh files Please., Heng Kuo Kuang Kelvin NCS Re: Permissions on .ssh files Please (again), Reg Clemens Re: Permissions on .ssh files Please., Visolve Security Consulting Group Re: Permissions on .ssh files Please., Greg Wooledge <= Re: Permissions on .ssh files Please., Darren Tucker Re: Permissions on .ssh files Please., Ben Koren

Previous by Date:	Re: Permissions on .ssh files Please., Visolve Security Consulting Group
Next by Date:	Re: Permissions on .ssh files Please., Darren Tucker
Previous by Thread:	Re: Permissions on .ssh files Please., Visolve Security Consulting Group
Next by Thread:	Re: Permissions on .ssh files Please., Darren Tucker
Indexes:	[Date] [Thread] [Top] [All Lists]