[Bug 1554] No feedback when configuration file permissions are set incorrectly.
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Fri Feb 13 16:07:00 EST 2009
https://bugzilla.mindrot.org/show_bug.cgi?id=1554
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WONTFIX
CC| |djm at mindrot.org
--- Comment #1 from Damien Miller <djm at mindrot.org> 2009-02-13 16:06:59 ---
Bad permissions are logged on the server. E.g.
Authentication refused: bad ownership or modes for file
/home/djm/.ssh/authorized_keys
We cannot relay this information to the client because it is, by
definition, not authenticated at the time it is attempting public key
authentication and is therefore untrustworthy. It would be
inappropriate to divulge the existence of an authorized_keys file, let
alone that it has unsafe permissions.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list