Re: sshd and authorized_keys

[Igor Pechtchanski <pechtcha at cs dot nyu dot edu>]

On Thu, 24 Feb 2005, Michele Petrazzo wrote:

> I'm making some test with sshd and authorized_keys.
> I'm able to login without password from a client, but I want to
> move the authorized_keys from ~/.ssh/ to another directory, for
> example /ssh/keys/authorized_keys, because I want to use only one
> key (I have only one user that can login into this machine)
> sshd say me:
>
> debug1: trying public key file /ssh/keys/authorized_keys
> Authentication refused: bad ownership or modes for directory /
>
> I don't want to modify ownership of / !
>
> Is there a method to tell to sshd to don't make control of
> ownership?
> Or, is there a method for make my idea work?

Sure.  Move the "ssh" directory one level down, and set the permissions on
the containing directory appropriately.  E.g.,

mkdir /private && chmod 755 /private && mv /ssh /private

However, I don't see why you're so resistant with making "/" non-writeable
for anyone that's not your user...  Since you're the only user on the
machine, the only other concievable users that would be affected are
internal Windows users, like "LocalSystem" (a.k.a. SYSTEM), and I can see
no reason in allowing them to write to "/" (you can always make
subdirectories of root writeable).
	Igor
-- 
				http://cs.nyu.edu/~pechtcha/
      |\      _,,,---,,_		pechtcha@cs.nyu.edu
ZZZzz /,`.-'`'    -.  ;-;;,_		igor@watson.ibm.com
     |,4-  ) )-,_. ,\ (  `'-'		Igor Pechtchanski, Ph.D.
    '---''(_/--'  `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

"The Sun will pass between the Earth and the Moon tonight for a total
Lunar eclipse..." -- WCBS Radio Newsbrief, Oct 27 2004, 12:01 pm EDT

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/