[Bug 1340901] [NEW] ssh_util.setup_user_keys restricts permission on ssh public keys dir, preventing login
Patrick Lucas
me at patricklucas.com
Fri Jul 11 18:47:18 UTC 2014
Public bug reported:
Bug present in: Ubuntu 14.04 LTS, cloud-init 0.7.5-0ubuntu1
In ssh_util.py, setup_user_keys, which is called by
config.cc_ssh.apply_credentials, changes the permissions of the
directory into which the new user's public ssh key is written.
This directory is found by parsing /etc/ssh/sshd_config for the value of
AuthorizedKeysFile and calling dirname.
In our case, the value of AuthorizedKeysFile is
/etc/authorized_keys.d/%u.pub. This means that cloud-init chmods
/etc/authorized_keys.d to 0700, preventing any user from logging in.
My proposed solution is for setup_user_keys to only chmod and chown the
directory and pubkey file if the file is contained within the user's
home directory.
** Affects: cloud-init (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cloud-init in Ubuntu.
https://bugs.launchpad.net/bugs/1340901
Title:
ssh_util.setup_user_keys restricts permission on ssh public keys dir,
preventing login
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1340901/+subscriptions
More information about the Ubuntu-server-bugs
mailing list