[Bug 2276] New: AuthorizedKeysCommand: add an option for alternate owner
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Tue Sep 16 22:32:39 EST 2014
https://bugzilla.mindrot.org/show_bug.cgi?id=2276
Bug ID: 2276
Summary: AuthorizedKeysCommand: add an option for alternate
owner
Product: Portable OpenSSH
Version: 6.6p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: alon.barlev at gmail.com
Created attachment 2474
--> https://bugzilla.mindrot.org/attachment.cgi?id=2474&action=edit
AuthorizedKeysCommand-add-an-option-for-alternate-ow.patch
Currently the owner of AuthorizedKeysCommand must be root.
A setup in which sshd is running as non root, can enjoy a complete
and secure environment even if the AuthorizedKeysCommand is owned by a
different user.
This patch adds AuthorizedKeysCommandOwner option to control the
ownership check of the AuthorizedKeysCommand. Default is root, so no
change is done without explicit request.
---
Discussed without response at[1], I thought I give it a chance here.
Looking forward to fix of bug#2081, this and some others to make it
possible to run sshd in complete unprivilged mode, while enjoying all
benefits provided by the implmentation.
Thanks!
[1]
http://lists.mindrot.org/pipermail/openssh-unix-dev/2014-June/032696.html
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list