[jira] [Commented] (CLOUDSTACK-2534) [Automation]SSH public key for SSVMs is too open for Vmware hypervisor

Thu, 13 Jun 2013 11:41:38 -0700 

    [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-2534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13682535#comment-13682535
 ] 

Rayees Namathponnan commented on CLOUDSTACK-2534:
-------------------------------------------------


Getting below error, while login into ssvm


[root@auto_ms2 management]# ssh -i 
/usr/share/cloudstack-common/scripts/vm/systemvm/id_rsa.cloud 10.223.250.105 -p 
3922
The authenticity of host '[10.223.250.105]:3922 ([10.223.250.105]:3922)' can't 
be established.
RSA key fingerprint is 6a:03:bb:31:70:04:ce:26:c0:a3:89:c8:b0:ac:b4:ad.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[10.223.250.105]:3922' (RSA) to the list of known 
hosts.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for 
'/usr/share/cloudstack-common/scripts/vm/systemvm/id_rsa.cloud' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: 
/usr/share/cloudstack-common/scripts/vm/systemvm/id_rsa.cloud
Permission denied (publickey).
[root@auto_ms2 management]#

                
> [Automation]SSH public key for SSVMs is too open for Vmware hypervisor
> ----------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-2534
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2534
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>          Components: VMware
>            Reporter: Girish Shilamkar
>            Priority: Blocker
>             Fix For: 4.2.0
>
>
> SSH public key is group readable which is security threat.
>  ls -la /usr/share/cloudstack-common/scripts/vm/systemvm/id_rsa.cloud
> -rw-r--r--. 1 root root 1670 May 15 22:54 
> /usr/share/cloudstack-common/scripts/vm/systemvm/id_rsa.cloud

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to