MAN pages: authorized_keys
JD Cole
listguy at transientresearch.com
Wed Mar 10 19:57:21 EST 2004
Does the StrictModes apply to all files in the users directory, or just
the ssh config files (normally .ssh/)? Just trying to figure out the
scope of StrictModes....
JD
Darren Tucker wrote:
> JD Cole wrote:
>
>> I would like to suggest a change in the ssh documentation for the
>> use of authorized_keys. The man page states:
>>
>> This file is not highly sensitive, but the recommended permissions
>> are read/write for the user, and not accessible by others.
>>
>> I'm may be knit picking, but it could be read that, while not
>> recommended, it is possible to allow access to the authorized_keys
>> file to other users. It seems that this is not the case as an
>> athorized_keys file with group write permissions cause ssh to fall
>> back on manual login.
>
>
> That actually depends on the setting of StrictModes in sshd_config.
>
More information about the openssh-unix-dev
mailing list