[Bug 1786] New: ssh-copy-id's man page is misleading w.r.t. changing permissions

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Tue Jun 22 06:52:22 EST 2010


https://bugzilla.mindrot.org/show_bug.cgi?id=1786

           Summary: ssh-copy-id's man page is misleading w.r.t. changing
                    permissions
           Product: Portable OpenSSH
           Version: 5.5p1
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: minor
          Priority: P2
         Component: Documentation
        AssignedTo: unassigned-bugs at mindrot.org
        ReportedBy: asguthrie at gmail.com


"It also changes the permissions of the remote user’s home, ~/.ssh, and
~/.ssh/authorized_keys to remove group writability (which would
otherwise prevent you from logging in, if the remote sshd has
StrictModes set in its configuration)."

However, aside from setting an appropriate umask before creating a .ssh
directory (if none exists), it doesn't do this. In particular, if .ssh
exists and is group-writable, then it will remain group-writable,
causing the key to be ignored by sshd if StrictModes is on.

A patch for the man page is attached.

Thanks to Steve Dee for the initial report and patch in Ubuntu (LP:
#156049)

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list