On Fri, Oct 27, 2000 at 07:38:36AM +0200, Robert Waldner wrote: > Of yourse, the sshd processs has to be able to read the files, so ~, ~/ > .ssh and ~/.ssh/authorized_keys have to accessible for world. > > A "chmod goa+r ~/.ssh" should do the trick, someone correct me if I´m > wrong.
wrong, first just to nitpick the a+ in chmod includes g and o, so goa+ is redundant. second sshd runs as root so world read is NOT required for RSA/DSA to work properly (caveat, i use OpenSSH 1.whatever from potato): [EMAIL PROTECTED] eb]$ ls -ld ~ drwxr-x--- 49 eb users 4096 Oct 26 23:32 /home/eb [EMAIL PROTECTED] eb]$ ls -ld .ssh/ d--x------ 2 eb eb 4096 Oct 11 22:33 .ssh/ [EMAIL PROTECTED] eb]$ ls -ld .ssh/authorized_keys -r-------- 1 eb eb 1777 Oct 11 22:23 .ssh/authorized_keys [EMAIL PROTECTED] eb]$ ssh works quite fine here. what ssh is worried about is group or world write permission anywhere in the path to ~/.ssh/authorized_keys. which oddly enough did not appear to be the case from the original post. only thing i can think of is /home itself had bogus permissions, but i doubt it since debian leaves this 2775 in the base install... -- Ethan Benson http://www.alaska.net/~erbenson/
pgp9ZpKpYHOBN.pgp
Description: PGP signature
