This is the mail archive of the
cygwin@cygwin.com
mailing list for the Cygwin project.
RE: Is RSA authentication on SSH still broken?
- From: "Harig, Mark A." <maharig at idirect dot net>
- To: <cygwin at cygwin dot com>
- Date: Mon, 11 Nov 2002 12:06:17 -0500
- Subject: RE: Is RSA authentication on SSH still broken?
> >
> > OK. So, it appears that Cygwin users
> > of openssh have one of two options:
> >
> > 1. chmod 700 ~
> > chgrp 18 ~/.ssh
> > chmod 750 ~/.ssh
> >
> > or
> >
> > 2. chmod 755 ~
> > chmod 700 ~/.ssh
> >
> > Do you have a recommendation on which of
> > these two options is more secure?
>
> According to what I remember about Unix permissions, 'chmod
> 711 ~' should
> suffice. This will allow anyone to access a subdirectory of
> your $HOME
> *if they know the exact path*. Same with ~/.ssh. You can then make
> authorized_keys world-readable without exposing the rest of your home
> directory.
Are you able to make this work?
1. If I 'chmod 711 ~' and 'chmod 700 ~/.ssh',
then ssh is not able to read my private/public keys
(i.e., it prompts me for a password).
2. If I follow that with 'chmod 750 ~', then ssh
allows access without prompting for a password.
Both of these assume 'chgrp 18 ~'.
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/