[Bug 954620] Re: SSH StrictModes does not work correctly
Christian Kujau
954620 at bugs.launchpad.net
Wed Jul 24 08:20:09 UTC 2013
@Frank: does your home belong to your own per-user group? If so,
StrictMode=yes might notice that and still allow login. In my case:
christian at alice$ ls -ld $HOME
drwx------ 24 christian christian 20480 Jul 23 03:44 /home/christian
=> Now, setting $HOME to 0720 will still allow login with public keys.
But changing the ownership to e.g. ":users" makes StrictMode work.
Note that sshd_config defines "StrictModes" only as "specifies whether
sshd(8) should check file modes and ownership of the user's files and
home directory before accepting login." - i.e. there's no mention what
exactly is "checked". The source may be helpful on that.
** Bug watch added: Debian Bug tracker #119886
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=119886
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/954620
Title:
SSH StrictModes does not work correctly
Status in “openssh” package in Ubuntu:
New
Bug description:
When StrictModes is set to yes in /etc/ssh/sshd_config, I am still
able to successfully log in to my server when .ssh is set to 0775 and
authorized_keys is set to 0664. It seems that StrictModes is not
working as it is supposed to.
This is happening on a fresh install of Ubuntu Server 11.10 64-bit.
frank at localhost:~$ lsb_release -rd
Description: Ubuntu 11.10
Release: 11.10
frank at localhost:~$ apt-cache policy openssh-server
openssh-server:
Installed: 1:5.8p1-7ubuntu1
Candidate: 1:5.8p1-7ubuntu1
Version table:
*** 1:5.8p1-7ubuntu1 0
500 http://us.archive.ubuntu.com/ubuntu/ oneiric/main amd64 Packages
100 /var/lib/dpkg/status
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/954620/+subscriptions
More information about the foundations-bugs
mailing list