Is RSA authentication on SSH still broken?
Harig, Mark A.
maharig@idirect.net
Mon Nov 11 07:32:00 GMT 2002
> > chmod 700 ~ && \
> ^^^^^^^^^^^
> This is your problem. By setting home and .ssh to 700 you
> disallow sshd to
> stat() ~/.ssh. Cygwin has two chances to retrieve
> information about a file
> or directory, by either calling FindFileFirst() or by trying
> to open the
> file and calling various Win32 access functions.
>
> FindFileFirst() requires to have read permissions on the
> parent directory,
> opening the file/dir requires read permissions on it. If home as well
> as .ssh are 700, sshd has neither of these rights ==> The
> check for .ssh
> fails.
OK. So, it appears that Cygwin users
of openssh have one of two options:
1. chmod 700 ~
chgrp 18 ~/.ssh
chmod 750 ~/.ssh
or
2. chmod 755 ~
chmod 700 ~/.ssh
Do you have a recommendation on which of
these two options is more secure?
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
More information about the Cygwin
mailing list