Documentation error: wrong permissions given in FAQ

Damien Miller djm at mindrot.org
Wed Aug 7 18:55:40 EST 2013


On Wed, 7 Aug 2013, Joe Carroll wrote:

> Hi,
>
> I discovered yesterday that the instructions given at
> http://www.openssh.org/faq.html#3.14 regarding the correct permissions
> for the authorized_keys file mistakenly recommend chmod'ing the
> file to 600 when it should be 644. The requirement for public key
> authentication to work is in fact that ~/.ssh/authorized_keys is
> readable (but not writable) by group and other, not just owner.
> Someone should probably update the project's official FAQ accordingly
> to avoid future confusion. Unfortunately, I did not realise the error
> in this documentation before it caused me a great deal of frustration
> configuring chrooted key-only access to our server (Ubuntu 12.04 LTS).

Mode 0600 works fine for authorized keys and, while ssh will still
accept this file with slightly looser permissions, it's best to keep
them as tight as possible unless there is a good reason otherwise.

-d


More information about the openssh-unix-dev mailing list