[Bug 2364] New: Incorrect .ssh parent directory permissions not logged

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Mar 12 04:05:31 AEDT 2015


https://bugzilla.mindrot.org/show_bug.cgi?id=2364

            Bug ID: 2364
           Summary: Incorrect .ssh parent directory permissions not logged
           Product: Portable OpenSSH
           Version: 6.6p1
          Hardware: ix86
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: murph.murphy at oracle.com

Created attachment 2566
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2566&action=edit
Output of ssh -v

Overview
  Attempting to ssh (using a key) into a machine that has correct .ssh
  folder permissions but incorrect home directory permissions results
in 
  unexpected behaviour. Instead of logging a message about incorrect 
  permissions, it logs attempts to try keyfiles that don't exist 
  interspersed with messages about which auth methods can continue.

Steps to Reproduce
  1) Set up (rsa) keys between client and server normally.
  2) Set server home directory to world writable.
  3) Attempt to ssh to the server.

Expected Results
  Fails to password, but prints a line in the verbose output about the
  reason being incorrect .ssh parent folder permissions.

Actual Results
  Asks for a password to log in. Verbose mode shows that it is trying a
  several keys that both exist and don't exist, printing a message 
  about what auth modes are allowed, but no information about incorrect 
  permissions.

Versioning
  Server
     OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
  Client
     OpenSSH_6.6.1p1 Ubuntu-2ubuntu2, OpenSSL 1.0.1f 6 Jan 2014
  The exact same problem occurs between two machines on
  OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013 as well.

Additional Information

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list