[PATCH] ssh-copy-id should do chmod go-w
Ladner, Eric (CLAD)
CLAD at chevron.com
Thu Oct 4 04:50:29 EST 2001
Doesn't the authorized_keys have to be world readable?
Just checking..
Eric
-----Original Message-----
From: mouring at etoh.eviladmin.org [mailto:mouring at etoh.eviladmin.org]
Sent: Wednesday, October 03, 2001 1:36 PM
Cc: openssh-unix-dev at mindrot.org
Subject: Re: [PATCH] ssh-copy-id should do chmod go-w
On Wed, 3 Oct 2001, Peter W wrote:
> > chmod 700 .ssh; chmod 600 .ssh/authorized_keys
> >
> > makes more sense. Changing ~/ permissions is a local policy issue, and
I
> > know I get peaved when something changes my policy without asking.
>
> What about simply setting the umask to 077 before doing anything? If the
> user has existing files/dirs, they won't be changed, but any new stuff
would
> be safely created.
>
Best idea I've seen so far.
If no one scream...this is what the new line will look like:
{ eval "$GET_ID" ; } | ssh $1 "umask 077; test -d .ssh || mkdir .ssh ; cat
>> .ssh/authorized_keys"
- Ben
More information about the openssh-unix-dev
mailing list