[mdlug] SSH server will not trust the SSH key if the account's home directory is group writeable
Aaron Kulkis
akulkis00 at gmail.com
Tue Oct 14 15:56:44 EDT 2008
Joseph C. Bender wrote:
> gib at juno.com wrote:
>> Has this always been the case:
>> The SSH server will not trust the SSH key if the account's home directory is group writeable.
>>
>
> I don't know about always, one would have to check the source revision
> history to be sure (assuming OpenSSH), but it's been that way for a very
> long time.
>
> This can be changed by changing StrictModes in the sshd_config to "off",
> but this is really really not recommended. A group writable homedir is
> usually a really bad idea anyway, is there another way you can get
> around it?
How about a symbolic link; that way, the file can be
writeable by whoever without having a home directory
writeable by everybody.
More information about the mdlug
mailing list