GNU bug report logs - #67789
[PATCH] doc: Secure Shell: Add note about sshd and wrong permissions

Previous Next

Full log

Message #8 received at 67789 <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludo <at> gnu.org>
To: "zero <at> fedora" <shinyzero0 <at> tilde.club>
Cc: 67789 <at> debbugs.gnu.org
Subject: Re: [bug#67789] [PATCH] doc: Secure Shell: Add note about sshd and
 wrong permissions
Date: Thu, 14 Dec 2023 14:43:30 +0100

Hello,

"zero <at> fedora" <shinyzero0 <at> tilde.club> skribis:

> * doc/guix.texi (Home services: Secure Shell): Add note about sshd blocking connections because of wrong permissions

[...]

> +@quotation Note
> +Note that @command{sshd} will block any @command{ssh} connections to you if
> +your files in @file{~/.ssh} have wrong permissions or ownership, as the ones
> +created by this service do. To fix that, you need to set @code{StrictModes=no}
> +in your @command{sshd} configuration
> +@end quotation

I think we’d rather fix the permissions of those files than document the
bug.

On my laptop permissions seem to be good:

--8<---------------cut here---------------start------------->8---
$ ls -ld ~/.ssh/authorized_keys 
lrwxrwxrwx 1 ludo users 59 Dec 10 23:36 /home/ludo/.ssh/authorized_keys -> /gnu/store/k79g5iaaa7gij52nrbhjz6fqq7banzdz-authorized_keys
$ ls -ld ~/.ssh 
drwx------ 3 ludo users 4096 Dec 10 23:36 /home/ludo/.ssh/
$ ssh localhost uname
Linux
--8<---------------cut here---------------end--------------->8---

Maybe there are cases when this is not the case, maybe when ~/.ssh does
not exist prior to running ‘guix home reconfigure’?

Thanks,
Ludo’.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.