Mail Archives: cygwin/2002/11/07/01:59:54
On Wed, Nov 06, 2002 at 07:19:40PM -0500, Harig, Mark A. wrote:
> >
> > chmod 755 $HOME/.ssh
> > chmod 644 $HOME/.ssh/authorized_keys*
> >
> > I had $HOME set to 700 and authorized_keys* to 600 before and that
> > somehow broke RSA authentication - it is odd that stricter permissions
> > would cause that. I suppose this is because the SYSTEM or
> > sshd user need
> > to read the keys and cannot without the appropriate privileges.
> >
>
> Could this be a bug in Cygwin's implementation of openssh?
It isn't. It's a problem with the permission model of NTFS. Even
though SYSTEM is *the* major player on the machine, it gets an
"access denied" if it has no permissions on a file. Don't ask for
my opinion on this behaviour.
However, since NTFS uses ACLs, you can give SYSTEM explicitely access
to the file:
[~/.ssh]$ chmod 600 authorized_keys
[~/.ssh]$ getfacl authorized_keys
# file: authorized_keys
# owner: corinna
# group: root
user::rw-
group::---
mask::---
other::---
[~/.ssh]$ setfacl -m g:SYSTEM:r-- authorized_keys
[~/.ssh]$ getfacl authorized_keys
# file: authorized_keys
# owner: corinna
# group: root
user::rw-
group::---
group:SYSTEM:r--
mask::---
other::---
HTH,
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Developer mailto:cygwin AT cygwin DOT com
Red Hat, Inc.
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -