Re: UPG and the default umask
On 15/05/2010 03:12, Joey Hess wrote:
> Vincent Danjean wrote:
>> I'm happy with this move. However, there is still an interaction with ssh
>> to deal with:
>> vdanjean@eyak:~$ chmod -Rv g+w .ssh/authorized_keys
>> vdanjean@eyak:~$ ssh localhost
>> vdanjean@localhost's password:
>> And, in /var/log/auth.log:
>> May 14 09:42:17 eyak sshd[1618]: Authentication refused: bad ownership or modes for file /home/vdanjean/.ssh/authorized_keys
>>
>> vdanjean@eyak:~$ chmod -Rv g-w .ssh/authorized_keys
>> le mode de « .ssh/authorized_keys » a été modifié en 0644 (rw-r--r--).
>> vdanjean@eyak:~$ ssh localhost
>> You have mail.
>> Last login: Tue May 11 17:10:30 2010
>> vdanjean@eyak:~$
>>
>> My system is in UPG but I was using default umask 022
>
> FWIW, for openssh this is supposed to be fixed in version 1:4.1p1-3.
> See #314347. It was changed to allow group-writable files if
> the owner is the only member in the group.
Somethink is wrong here. Should 314347 be reopened ?
vdanjean@eyak:~$ LC_ALL=C apt-cache policy openssh-server
openssh-server:
Installed: 1:5.5p1-3
Candidate: 1:5.5p1-3
Version table:
*** 1:5.5p1-3 0
500 http://ftp.fr.debian.org unstable/main Packages
500 http://ftp.fr.debian.org testing/main Packages
100 /var/lib/dpkg/status
1:5.1p1-5 0
500 http://ftp.fr.debian.org stable/main Packages
1:4.3p2-9etch3 0
500 http://ftp.fr.debian.org oldstable/main Packages
vdanjean@eyak:~$ cat /etc/group /etc/passwd | grep '^vdanjean'
vdanjean:x:1000:
vdanjean:x:1000:1000:Vincent Danjean,,,:/home/vdanjean:/bin/bash
vdanjean@eyak:~$
--
Vincent Danjean GPG key ID 0x9D025E87 vdanjean@debian.org
GPG key fingerprint: FC95 08A6 854D DB48 4B9A 8A94 0BF7 7867 9D02 5E87
Unofficial packages: http://moais.imag.fr/membres/vincent.danjean/deb.html
APT repo: deb http://perso.debian.org/~vdanjean/debian unstable main
Reply to: