Re: beginner can't get public key auth.
From: Richard E. Silverman (slade@shore.net)
Date: 01/27/03
- Next message: Richard E. Silverman: "Re: beginner can't get public key auth."
- Previous message: SkateOroma: "Re: beginner can't get public key auth."
- In reply to: Darren Tucker: "Re: beginner can't get public key auth."
- Next in thread: Darren Tucker: "Re: beginner can't get public key auth."
- Reply: Darren Tucker: "Re: beginner can't get public key auth."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: slade@shore.net (Richard E. Silverman) Date: 27 Jan 2003 01:38:36 -0500
>>>>> "DT" == Darren Tucker <dtucker@dodgy.net.au> writes:
DT> In article <m1lwukre8q9.fsf@syrinx.oankali.net>,
DT> Richard E. Silverman <slade@shore.net> wrote:
>>>>>>> "DT" == Darren Tucker <dtucker@dodgy.net.au> writes:
DT> And also that /home and / are owned by root and are not group
DT> writable.
>> Why?
DT> Because sshd will check all directories up to the root if
DT> StrictModes is on, and some systems ship with / and /home owned by
DT> bin.bin and group writable.
DT> See secure_filename() in auth.c.
You are mistaken -- read the code again, especially near the comment:
/* If are passed the homedir then we can stop */
Besides, if you had tested it before posting, you would have found
empirically that those permissions do not matter.
-- Richard Silverman slade@shore.net
- Next message: Richard E. Silverman: "Re: beginner can't get public key auth."
- Previous message: SkateOroma: "Re: beginner can't get public key auth."
- In reply to: Darren Tucker: "Re: beginner can't get public key auth."
- Next in thread: Darren Tucker: "Re: beginner can't get public key auth."
- Reply: Darren Tucker: "Re: beginner can't get public key auth."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
