Verbose messaging about why public key auth was rejected
Damien Miller
djm at mindrot.org
Sun Feb 4 09:22:49 EST 2007
On Tue, 30 Jan 2007, Ryan Findley wrote:
> My question: is there a way to have ssh and/or sshd tell you WHY a
> public key is being rejected (specifically the permissions thing)?
> If so, can someone point me at a good document? I'm using OpenSSH
> 3.9p1 under RHEL4 (at the moment) and can upgrade if it's in a newer
> version.
> If not, would the OpenSSH team consider adding this feature? I'm
> betting I could probably manage the changes necessary, and submit a
> patch...
I don't think we want to tell the client exactly what is wrong
wrt authorized_keys permissions. How do you know the client is not
evil before you tell them that their authorized_keys is word-writable?
-d
More information about the openssh-unix-dev
mailing list