Bug#103677: ssh-agent no longer seems to loop with bad permissions

To: Debian Bug Tracking System <103677@bugs.debian.org>
Subject: Bug#103677: ssh-agent no longer seems to loop with bad permissions
From: Dave Page <grimoire@sparky.ox.compsoc.net>
Date: Wed, 27 Jul 2005 18:43:57 +0100
Message-id: <[🔎] 20050727174357.GA963@antipode.bike-shed.org.uk>
Reply-to: Dave Page <grimoire@sparky.ox.compsoc.net>, 103677@bugs.debian.org

Package: ssh
Version: 1:3.8.1p1-8.sarge.4
Followup-For: Bug #103677

Just to say, since bug #103677 is four years old and still open, that
the version of ssh in the current Debian stable release (3.1) does not
exhibit this behaviour:

grimoire@host:~$ ssh-agent bash
grimoire@host:~$ ls -l .ssh/id_rsa
-rw-------  1 grimoire grimoire 887 2005-07-27 18:21 .ssh/id_rsa
grimoire@host:~$ ssh-add
Identity added: /home/grimoire/.ssh/id_rsa (/home/grimoire/.ssh/id_rsa)
grimoire@host:~$ ssh-add -l
1024 7e:ab:79:67:32:17:43:40:ec:42:f7:e5:90:26:f3:a0 /home/grimoire/.ssh/id_rsa (RSA)
grimoire@host:~$ ssh-add -D
All identities removed.
grimoire@host:~$ chmod g+r .ssh/id_rsa
grimoire@host:~$ ssh-add
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0640 for '/home/grimoire/.ssh/id_rsa' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /home/grimoire/.ssh/id_rsa
Enter passphrase for /home/grimoire/.ssh/id_rsa:
grimoire@host:~$ ssh-add -l
The agent has no identities.

I'm hoping that this bug can be closed now ;)

Dave

-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686
Locale: LANG=en_GB, LC_CTYPE=en_GB (charmap=ISO-8859-1)

Versions of packages ssh depends on:
ii  adduser                3.63              Add and remove users and groups
ii  debconf                1.4.30.13         Debian configuration management sy
ii  dpkg                   1.10.28           Package maintenance system for Deb
ii  libc6                  2.3.2.ds1-22      GNU C Library: Shared libraries an
ii  libpam-modules         0.76-22           Pluggable Authentication Modules f
ii  libpam-runtime         0.76-22           Runtime support for the PAM librar
ii  libpam0g               0.76-22           Pluggable Authentication Modules l
ii  libssl0.9.7            0.9.7e-3          SSL shared libraries
ii  libwrap0               7.6.dbs-8         Wietse Venema's TCP wrappers libra
ii  zlib1g                 1:1.2.2-4.sarge.2 compression library - runtime

-- debconf information:
  ssh/insecure_rshd:
  ssh/ssh2_keys_merged:
  ssh/user_environment_tell:
* ssh/forward_warning:
  ssh/insecure_telnetd:
  ssh/new_config: true
* ssh/use_old_init_script: true
  ssh/protocol2_only: true
  ssh/encrypted_host_key_but_no_keygen:
  ssh/run_sshd: true
  ssh/SUID_client: true
  ssh/disable_cr_auth: false

Reply to:

Prev by Date: Bug#320104: ssh: Xforwarding is disabled and is not a debconf option either
Next by Date: Bug#154645: ssh does read /etc/hosts
Previous by thread: Bug#320104: ssh: Xforwarding is disabled and is not a debconf option either
Next by thread: Bug#154645: ssh does read /etc/hosts
Index(es):
- Date
- Thread