Bug 3347

Summary: Option to override file permission restrictions
Product: Portable OpenSSH Reporter: Jordan Macdonald <macdjord>
Component: sshAssignee: Assigned to nobody <unassigned-bugs>
Status: NEW ---    
Severity: enhancement CC: macdjord, will.brokenbourgh2877
Priority: P5    
Version: -current   
Hardware: All   
OS: Linux   

Description Jordan Macdonald 2021-09-18 08:18:49 AEST 
`ssh` enforces that certain files have restricted access permissions - e.g. that `.ssh/config` not be writeable by anyone but the user, and that private key files not be writable or readable - or else the file will be ignored. This is a good security practice, and makes sense as the default. However, there are times when it is *not* possible to satisfy these requirements, and for such situations there needs to be an option to override or bypass these restrictions when that happens.

For example, my own use case: I have a Linux VM which has some directories mapped in from the Windows host machine. Since the Windows file system doesn't support Unix-style file permissions, everything in these mounted directories appears permanently world-writable, which makes it *impossible* to use any SSH key or config files inside there.
Comment 1 Will B 2022-09-14 07:40:25 AEST 
I would also like to request this.  I understand the implications on Unix-like systems, but for Windows this is a major time-waster.  It took about 15 minutes too long to do a simple scp using an id file on Windows.  I had to find and implement the Windows file security settings that would be acceptable to OpenSSH -- for *one* file -- then actually get on with the task of performing the scp.

Maybe to some this is a minor thing, but when time is money, and Microsoft is using your project, this should definitely be either bypassed or a setting provided.  Without cygwin or msys, you cannot simply issue chmod 600 * on Windows and everything is then okay.

Thanks! :-)