Vincent Danjean wrote: > I'm happy with this move. However, there is still an interaction with ssh > to deal with: > vdanj...@eyak:~$ chmod -Rv g+w .ssh/authorized_keys > vdanj...@eyak:~$ ssh localhost > vdanj...@localhost's password: > And, in /var/log/auth.log: > May 14 09:42:17 eyak sshd[1618]: Authentication refused: bad ownership or > modes for file /home/vdanjean/.ssh/authorized_keys > > vdanj...@eyak:~$ chmod -Rv g-w .ssh/authorized_keys > le mode de « .ssh/authorized_keys » a été modifié en 0644 (rw-r--r--). > vdanj...@eyak:~$ ssh localhost > You have mail. > Last login: Tue May 11 17:10:30 2010 > vdanj...@eyak:~$ > > My system is in UPG but I was using default umask 022
FWIW, for openssh this is supposed to be fixed in version 1:4.1p1-3. See #314347. It was changed to allow group-writable files if the owner is the only member in the group. -- see shy jo
signature.asc
Description: Digital signature
