Bug 219

Summary:

authorized_keys documentation

Product:

Portable OpenSSH

Reporter:

brian <bfallik>

Component:

Documentation

Assignee:

OpenSSH Bugzilla mailing list <openssh-bugs>

Status:

CLOSED INVALID

Severity:

normal

Priority:

Version:

-current

Hardware:

Other

OS:

Other

Attachments:

Description	Flags
Change authorized_keys description.	none

Description brian 2002-04-17 07:23:17 AEST

Please correct the authorized_keys permissions in the man page.  The man page
only says "It is recommended that it not be accessible by others" but it should
say "It is required that it not be accessible by any other users."

I'm refering to the man page for sshd, the Files section, the authorized_keys
sub-bullet.

Comment 1 Markus Friedl 2002-04-18 06:08:12 AEST

hm, it's just required for StrictModes=yes.

Comment 2 Darren Tucker 2003-06-28 14:52:09 AEST

Created attachment 340 [details]
Change authorized_keys description.

How about something like the attached?	Or should this bug be closed as
WONTFIX?

Comment 3 Ben Lindstrom 2003-06-28 16:49:06 AEST

I'm not following the complaint here..

$ ls -l .ssh/authorized_keys
-rw-r--r--  1 mouring  mouring  460 Apr 27 02:09 .ssh/authorized_keys

$ grep Strict /etc/ssh/sshd_config
#StrictModes yes

I have zero problems with this configuration.  So the manpage is correct.  
Recommended but not required even with StrictMode.  

Doing a quick source check to verify my memory the StrictMode ensures 022 mask 
on most files/directories along with uid ownership.

BTW, ssh manpage has the same section.  So remember to check other manpages to 
ensure your keeping consistancy.

Comment 4 Damien Miller 2004-04-14 12:24:18 AEST

Mass change of RESOLVED bugs to CLOSED