~/.ssh/config permissions
Alon Bar-Lev
alon.barlev at gmail.com
Sun Nov 15 18:55:54 AEDT 2015
Hi,
Working with apache-sshd I found that it forces ~/.ssh/config to be
owned by user without group/others permissions. It failed for me
within my valid openssh environment.
Within sources (readconf.c::read_config_file), I found that openssh
only enforces ownership by user and not group/others write.
When I opened an issue, I was referred to this[1] wiki page (not sure
who maintain it) claiming that:
"""
This file must not be accessible to other users in any way. Set strict
permissions: read/write for the user, and not accessible by others. It
may group-writable if and only if that user is the only member of the
group in question.
"""
Personally, I prefer the sources as a reference, but as this wiki page
is source for information for some, and find no reason why this file
is sensitive for read.
I would like to know what is the expected behaviour.
Regards,
Alon Bar-Lev.
[1] https://en.wikibooks.org/wiki/OpenSSH/Client_Configuration_Files#.7E.2F.ssh.2Fconfig
More information about the openssh-unix-dev
mailing list