Please help test recent changes
Darren Tucker
dtucker at dtucker.net
Fri Jan 21 18:55:43 AEDT 2022
On Fri, 21 Jan 2022 at 06:33, Corinna Vinschen <vinschen at redhat.com> wrote:
> [...]
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @ WARNING: UNPROTECTED PRIVATE KEY FILE! @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> Permissions 0644 for
> '/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp256.pub' are
> too open.
> It is required that your private key files are NOT accessible by others.
> This private key will be ignored.
> Unable to load host key
> "/home/corinna/tmp/openssh/regress/agent-key.ecdsa-sha2-nistp256.pub": bad
> permissions
>
> Shouldn't the testsuite have generated the files with correct permissions
> in the first place? And then again, these are PUB files. Shouldn't
> a 644 permission suffice?
>
I've seen this in the past where the test had cached keys of a type that
the current binaries do not support (eg because the new binaries were
configured without openssl). I think it's because the key code tries the
.pub file when the private key file fails to load. Maybe retry in a
clean directory?
--
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new)
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list