Re: beginner can't get public key auth.
From: Darren Tucker (dtucker@dodgy.net.au)
Date: 01/27/03
- Next message: Jens Kleineheismann: "OpenSSH + KerberosV + GSSAPI"
- Previous message: Andras Szekely: "Re: linux hop-by-hop auomated SSH login"
- In reply to: Richard E. Silverman: "Re: beginner can't get public key auth."
- Next in thread: SkateOroma: "Re: beginner can't get public key auth."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: dtucker@dodgy.net.au (Darren Tucker) Date: Mon, 27 Jan 2003 09:43:05 GMT
In article <m1lsmvfdrmb.fsf@syrinx.oankali.net>,
Richard E. Silverman <slade@shore.net> wrote:
>>>>>> "DT" == Darren Tucker <dtucker@dodgy.net.au> writes:
> DT> See secure_filename() in auth.c.
>
>You are mistaken -- read the code again, especially near the comment:
>
>Besides, if you had tested it before posting, you would have found
>empirically that those permissions do not matter.
I stand corrected for the current version, however I've seen it happen
in the past. A quick look at the cvs commit logs (rev 1.33 if you're
curious) shows that it was changed about 2.9.9 and since the the
poster's version was unspecified, it *could* have been the cause.
As it turned out, it wasn't, so let me qualify the original statement:
In some versions below 2.9.9 OpenSSH's sshd will check all the
directories up to the root.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
- Next message: Jens Kleineheismann: "OpenSSH + KerberosV + GSSAPI"
- Previous message: Andras Szekely: "Re: linux hop-by-hop auomated SSH login"
- In reply to: Richard E. Silverman: "Re: beginner can't get public key auth."
- Next in thread: SkateOroma: "Re: beginner can't get public key auth."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
