Is there a way to tell the sshd to ignore the security check on t he user's home permissions?
Matt Studley
mjs at ams.org
Thu Feb 21 02:59:31 EST 2002
I believe that you can set the StrictModes option to 'no' in the
sshd_config file and this will skip the security check. This is strongly
discouraged however, as it is a security risk. Even if StrictModes is set
enabled, you can defeat it by compiling sshd with the
--enable-group-writeability flag which makes group writable files
acceptable to StrictModes (if this is in fact what you want). A note,
sshd does not check ACL's so you might use this avenue to accomplish what
you want. Hope this helps.
Matt Studley
American Mathematical Society
UNIX Sys Admin "Quantum Mechanics -
mjs at ams.org The dreams that stuff is made of"
On Wed, 20 Feb 2002 william.hahn at ps.ge.com wrote:
> Is there a way to tell the sshd to ignore the security check on the user's
> home permissions?
>
>
> debug3: secure_filename: checking '/ftpdata/pxdata/pold/data/.ssh'
> debug3: secure_filename: checking '/ftpdata/pxdata/pold/data'
> Authentication refused: bad ownership or modes for directory
> /ftpdata/pxdata/fold/data
> debug1: restore_uid
> debug2: userauth_pubkey: authenticated 0 pkalg ssh-dss
> Failed publickey for bold from 3.72.144.164 port 1201 ssh2
> Authentication refused: bad ownership or modes for directory
> _______________________________________________
> openssh-unix-dev at mindrot.org mailing list
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>
More information about the openssh-unix-dev
mailing list