please remove permission check that disallows private-group access.
Wolfgang S. Rupprecht
wolfgang.rupprecht at gmail.com
Tue Oct 23 07:58:00 AEDT 2018
Damien Miller <djm at mindrot.org> writes:
> We don't plan to remove this check. Accidental key exposure is still an
> unfortunately common problem and, while this check isn't perfect, I'm
> pretty sure that it avoids enough real-world misconfiguration to
> justify it's continued existence.
Maybe the check could have a configuration option to disable it? That
ways newbies would still be protected but folks that need to use the
group permissions to sort out NFS / UID issues could still use ssh
without going to great lengths to circumvent the check?
-wolfgang
More information about the openssh-unix-dev
mailing list