On 15/05/2010 03:12, Joey Hess wrote: > Vincent Danjean wrote: >> I'm happy with this move. However, there is still an interaction with ssh >> to deal with: >> vdanj...@eyak:~$ chmod -Rv g+w .ssh/authorized_keys >> vdanj...@eyak:~$ ssh localhost >> vdanj...@localhost's password: >> And, in /var/log/auth.log: >> May 14 09:42:17 eyak sshd[1618]: Authentication refused: bad ownership or >> modes for file /home/vdanjean/.ssh/authorized_keys >> >> vdanj...@eyak:~$ chmod -Rv g-w .ssh/authorized_keys >> le mode de « .ssh/authorized_keys » a été modifié en 0644 (rw-r--r--). >> vdanj...@eyak:~$ ssh localhost >> You have mail. >> Last login: Tue May 11 17:10:30 2010 >> vdanj...@eyak:~$ >> >> My system is in UPG but I was using default umask 022 > > FWIW, for openssh this is supposed to be fixed in version 1:4.1p1-3. > See #314347. It was changed to allow group-writable files if > the owner is the only member in the group.
Somethink is wrong here. Should 314347 be reopened ? vdanj...@eyak:~$ LC_ALL=C apt-cache policy openssh-server openssh-server: Installed: 1:5.5p1-3 Candidate: 1:5.5p1-3 Version table: *** 1:5.5p1-3 0 500 http://ftp.fr.debian.org unstable/main Packages 500 http://ftp.fr.debian.org testing/main Packages 100 /var/lib/dpkg/status 1:5.1p1-5 0 500 http://ftp.fr.debian.org stable/main Packages 1:4.3p2-9etch3 0 500 http://ftp.fr.debian.org oldstable/main Packages vdanj...@eyak:~$ cat /etc/group /etc/passwd | grep '^vdanjean' vdanjean:x:1000: vdanjean:x:1000:1000:Vincent Danjean,,,:/home/vdanjean:/bin/bash vdanj...@eyak:~$ -- Vincent Danjean GPG key ID 0x9D025E87 vdanj...@debian.org GPG key fingerprint: FC95 08A6 854D DB48 4B9A 8A94 0BF7 7867 9D02 5E87 Unofficial packages: http://moais.imag.fr/membres/vincent.danjean/deb.html APT repo: deb http://perso.debian.org/~vdanjean/debian unstable main -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4bee3c4d.5080...@free.fr