Use of non-user readable (null password) private keys
Piete Brooks
Piete.Brooks at cl.cam.ac.uk
Tue Mar 27 23:11:08 EST 2001
Executive summary: Why can I not have a private key which is `public' ?
Gory details ....
I'm new to openssh. I've been using ssh for years. However, I'm in the process
of investigating RH 7.* (0.91 at the moment) and am wanting to be as
`standard' as possible, so trying openssh.
I looked on http://www.openssh.com/list.html but could not find a list for
"general OpenSSH discussion", but this was the closest match, so I'll call it
a bug :-)
We use a client/server model with no `user' accounts on servers.
There are certain operations which a user may require to run with certain
privs, and we use ssh to do this. The capability may be given to an individual
user (user-only-readable in their .ssh/), a group (using UN*X group semantics)
or may be accessible to all users of a particular machine or set of machines
(e.g. when a user changes their password, a process is woken up on the
password server).
This all worked fine under ssh, but under openssh load_private_key() does a
(st.st_mode & 077) != 0) {
and then complains that it is readable and won't use it. (it says "It is
recommended that your private key files are NOT accessible by others." but
appears to implement somewhat more than a `recommendation' !)
Is this bug intended as a feature ? [ :-) ]
I can see no code to disable this test [ other than setting HAVE_CYGWIN and
writing a check_ntsec() which returns FALSE :-) ]
More information about the openssh-unix-dev
mailing list