please remove permission check that disallows private-group access.

David Newall openssh at davidnewall.com
Tue Oct 23 12:39:46 AEDT 2018


On 23/10/18 7:28 am, Wolfgang S. Rupprecht wrote:
> Damien Miller <djm at mindrot.org> writes:
>> We don't plan to remove this check. Accidental key exposure is still an
>> unfortunately common problem and, while this check isn't perfect, I'm
>> pretty sure that it avoids enough real-world misconfiguration to
>> justify it's continued existence.
> Maybe the check could have a configuration option to disable it?


+1.  It's rude of SSH to refuse to use the key it was told to use.  A 
warning is acceptable, as is an option to avoid any kerfuffle.



More information about the openssh-unix-dev mailing list