~/.ssh/config permissions

Alon Bar-Lev alon.barlev at gmail.com
Thu Nov 19 00:13:14 AEDT 2015

On 15 November 2015 at 09:55, Alon Bar-Lev <alon.barlev at gmail.com> wrote:
> Hi,
> Working with apache-sshd I found that it forces ~/.ssh/config to be
> owned by user without group/others permissions. It failed for me
> within my valid openssh environment.
> Within sources (readconf.c::read_config_file), I found that openssh
> only enforces ownership by user and not group/others write.
> When I opened an issue, I was referred to this[1] wiki page (not sure
> who maintain it) claiming that:
> """
> This file must not be accessible to other users in any way. Set strict
> permissions: read/write for the user, and not accessible by others. It
> may group-writable if and only if that user is the only member of the
> group in question.
> """
> Personally, I prefer the sources as a reference, but as this wiki page
> is source for information for some, and find no reason why this file
> is sensitive for read.
> I would like to know what is the expected behaviour.

Anyone knows what is the expected behaviour?

> Regards,
> Alon Bar-Lev.
> [1] https://en.wikibooks.org/wiki/OpenSSH/Client_Configuration_Files#.7E.2F.ssh.2Fconfig

More information about the openssh-unix-dev mailing list