This is the mail archive of the
cygwin@cygwin.com
mailing list for the Cygwin project.
RE: Is RSA authentication on SSH still broken?
- From: "Harig, Mark A." <maharig at idirect dot net>
- To: <cygwin at cygwin dot com>
- Date: Mon, 11 Nov 2002 10:32:06 -0500
- Subject: RE: Is RSA authentication on SSH still broken?
> > chmod 700 ~ && \
> ^^^^^^^^^^^
> This is your problem. By setting home and .ssh to 700 you
> disallow sshd to
> stat() ~/.ssh. Cygwin has two chances to retrieve
> information about a file
> or directory, by either calling FindFileFirst() or by trying
> to open the
> file and calling various Win32 access functions.
>
> FindFileFirst() requires to have read permissions on the
> parent directory,
> opening the file/dir requires read permissions on it. If home as well
> as .ssh are 700, sshd has neither of these rights ==> The
> check for .ssh
> fails.
OK. So, it appears that Cygwin users
of openssh have one of two options:
1. chmod 700 ~
chgrp 18 ~/.ssh
chmod 750 ~/.ssh
or
2. chmod 755 ~
chmod 700 ~/.ssh
Do you have a recommendation on which of
these two options is more secure?
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/