Bug 988 - sshd StrictModes check failed with fs acl
Summary: sshd StrictModes check failed with fs acl
Status: CLOSED WORKSFORME
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: sshd (show other bugs)
Version: 3.9p1
Hardware: ix86 Linux
: P2 normal
Assignee: OpenSSH Bugzilla mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-02-28 22:38 AEDT by Juri Malinovski
Modified: 2006-10-07 11:38 AEST (History)
0 users

See Also:

Attachments
debug strictmodes (697 bytes, patch)
2005-03-01 23:03 AEDT, Damien Miller 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Juri Malinovski 2005-02-28 22:38:44 AEDT 
Tested on reiserfs (Suse linux 9.2)

How to repeat:

1) StrictModes and PubkeyAuthentication must be enabled for sshd on remote host
2) Create user test on remote host with homedir /home/test 
 and homedir permissions - owner test, mode 0700 
3) Create authkeys pair for user test and cat public key into    
/home/test/.ssh/authorized_keys
4) Set acl on /home/test like "setfacl -m u:test:rwx /home/test"
5) Try to login as test on remote host via ssh

Results:
PubkeyAuthentication failed. 
sshd error message:
"debug1: trying public key file /home/test/.ssh/authorized_keys
 debug3: secure_filename: checking '/home/test/.ssh'
 debug3: secure_filename: checking '/home/test'
 Authentication refused: bad ownership or modes for directory /home/test"
Comment 1 Damien Miller 2005-03-01 23:03:04 AEDT 
Created attachment 837 [details]
debug strictmodes

Can you try applying this patch and repeating your test. I don't understand why
this fails.
Comment 2 Damien Miller 2005-06-03 12:57:47 AEST 
three months with no reply == no bug
Comment 3 Darren Tucker 2006-10-07 11:38:49 AEST 
Change all RESOLVED bug to CLOSED with the exception of the ones fixed post-4.4.