Risk of StrictMode (but read only)

Don Hoover dxh at yahoo.com
Wed Jul 16 00:51:00 EST 2008

Previous message: EOL in stderr of ssh - Linux
Next message: Risk of StrictMode (but read only)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Is there a risk associated with having authorized_keys files set to readable but "StrictMode no"?

I am thinking particularly in the case of having public keys all centralized in a directory in /etc or something.


Is it really a potential hack vector if someone can read a public key, or is the only real danger if they were writable?

---
Don Hoover
dxh at yahoo.com

Previous message: EOL in stderr of ssh - Linux
Next message: Risk of StrictMode (but read only)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the openssh-unix-dev mailing list