Re: Question about SSH2 authorized_keys and StrictMode

From: G. Berg (gerand@web.de)
Date: 02/12/02 

From: "G. Berg" <gerand@web.de>
Date: Tue, 12 Feb 2002 23:22:32 +0100

Hello.

Thanks for your quick response.

I have the checked the Direcory and the files listed below. None of them
has group/other read or write or execute permission. I do not have any
.rhost or .shosts files in my directory.

mfg
GB

Pascal wrote:
> "G. Berg" <gerand@web.de> wrote in message news:<3C685FBA.8090702@web.de>...
>
>>Hello NG!
>>
>>I have got some problems with SSH2 and the StrictMode.
>>...
>>That are my permissions on the remote server:
>>
>>-rw------- 1 fred root 682 Jan 31 18:58 authorized_keys
>>-rw------- 1 fred root 608 Feb 7 01:40 authorized_keys2
>>-rw------- 1 fred root 672 Feb 7 01:40 id_dsa
>>-rw------- 1 fred root 546 Jan 31 18:58 identity
>>-rw------- 1 fred root 350 Jan 31 18:58 identity.pub
>>-rw------- 1 fred root 1654 Feb 9 20:04 known_hosts
>>-rw------- 1 fred root 512 Feb 12 00:37 random_seed
>>
>>
> Hi,
>
> according to the Barrett/Silverman book, OpenSSH (which seems to be in
> question here) checks the following files/directories for being owned
> by the account owner or root and not being writable by group and
> world:
> - ~ directory
> - ~/.rhosts, ~/.shosts
> - ~/.ssh directory
> - ~/.ssh/authorized_keys
> - ~/.ssh/authorized_keys2
>
> As you only showed the permissions of some files but not the mentioned
> directories, the crook could be the wrong (means unsecure) permissions
> for these directories.
>
> Pascal.
>

Relevant Pages

  • Re: "RAMNIT desktoplayer" Worm Removal Guide
    ... The ability to define permissions on folders and files have been present ... you can change the security on that folder and its child objects. ... executables to load from there. ... the execute permission gets removed. ...
    (alt.comp.anti-virus)
  • Re: Permission denied
    ... It's generally best to grant permissions only to roles and then control access via role membership since this simplifies administration. ... Some of the users running this app are ... EXECUTE permission denied on object ... ...
    (microsoft.public.sqlserver.security)
  • Re: generating MS-Excel report through ASP.Net without installing
    ... but adding "MACHINENAME\ASPNET" account to the MS Office ... execute permission may help. ... > permissions through DCOMCNFG for MSExcel application. ... > current web request. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: loadLibrary fails in linux
    ... Now i want to do the same in linux using this code but fails: ... can change the system property java.library.path, but does it actually have any ... to all directories on the path, not just the permissions on file in question. ... You need execute permission on each directory and read on the file. ...
    (comp.lang.java.programmer)
  • Re: file permissions
    ... users have execute permission, not all users can get at the directory, ... I think it has to do with the ability to do something with a command is ... impossible if it only relied on execute permissions. ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ...
    (Debian-User)