allow multiple users
Chris Wilson
chris at qwirx.com
Mon Apr 26 22:32:34 EST 2010
Hi all,
On Mon, 26 Apr 2010, Eitan Adler wrote:
> On Mon, Apr 26, 2010 at 2:34 PM, Adriana Rodean <adrya1984 at gmail.com> wrote:
>> And user A to be able to write in user B authorized_keys file?
>
> This is the exact scenario the "invalid permissions" error is trying to
> prevent. One way for you to allow user A to write to user B's files
> without changing B's permissions to write a setuid program which will
> only let you add/change/delete a key in authorized_keys.
>
> Another option is to add "StrictModes no" to sshd_config.
>
>> Right now i have this option in sshd_config:
>> AuthorizedKeysFile: /home/A/glassfish/domains/domain1/config/authorized_keys
Another option is to have the authorized_keys file, and all its parent
directories, owned by root, and not writable by anyone else. E.g. put it
into /etc/ssh/domains/domain1/config/authorized_keys.
If user B really needs to write to user A's keys file, they could use sudo
to do so.
Cheers, Chris.
--
_ ___ __ _
/ __/ / ,__(_)_ | Chris Wilson <0000 at qwirx.com> - Cambs UK |
/ (_/ ,\/ _/ /_ \ | Security/C/C++/Java/Perl/SQL/HTML Developer |
\ _/_/_/_//_/___/ | We are GNU-free your mind-and your software |
More information about the openssh-unix-dev
mailing list