This is the mail archive of the
cygwin@cygwin.com
mailing list for the Cygwin project.
RE: Is RSA authentication on SSH still broken?
- From: "Harig, Mark A." <maharig at idirect dot net>
- To: <cygwin at cygwin dot com>
- Date: Thu, 7 Nov 2002 18:54:48 -0500
- Subject: RE: Is RSA authentication on SSH still broken?
>
> First, the directory permission doesn't restrict the access for SYSTEM
> due to the standard "Bypass traverse checking" setting on NT.
> So setting
> the .ssh permissions to 0700 is perfectly fine.
>
I must be missing a piece of information. Setting the
permissions of ~/.ssh to 700 causes ssh to require me
to enter a password, that is, the encryption-key processing
is failing. Setting the permissions of ~/.ssh to 750 (if
the group setting is SYSTEM) or to 755 (if the group setting
is not SYSTEM) allows ssh to access the encryption-key files.
> Second, I don't see the point in setting the permissions of
> .ssh/authorized_keys to 0600 at all. The content of that
> file is a list
> of the *public* part of the keys so it's their intent to be
> readable by
> anybody.
That was my understanding also. I assumed that my understanding
was incorrect because ssh would report that my permissions for
~/.ssh/authorized_keys was too open. I'm unable to reproduce that
at this time. This issue is closed as far as I am concerned, until
I can reproduce the problem.
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/