This is the mail archive of the
mailing list for the Cygwin project.
Re: sshd and authorized_keys
- From: Igor Pechtchanski <pechtcha at cs dot nyu dot edu>
- To: Michele Petrazzo <michele dot petrazzo at unipex dot it>
- Cc: cygwin at cygwin dot com
- Date: Thu, 24 Feb 2005 10:50:58 -0500 (EST)
- Subject: Re: sshd and authorized_keys
- References: <421DEAF3.email@example.com>
- Reply-to: cygwin at cygwin dot com
On Thu, 24 Feb 2005, Michele Petrazzo wrote:
> I'm making some test with sshd and authorized_keys.
> I'm able to login without password from a client, but I want to
> move the authorized_keys from ~/.ssh/ to another directory, for
> example /ssh/keys/authorized_keys, because I want to use only one
> key (I have only one user that can login into this machine)
> sshd say me:
> debug1: trying public key file /ssh/keys/authorized_keys
> Authentication refused: bad ownership or modes for directory /
> I don't want to modify ownership of / !
> Is there a method to tell to sshd to don't make control of
> Or, is there a method for make my idea work?
Sure. Move the "ssh" directory one level down, and set the permissions on
the containing directory appropriately. E.g.,
mkdir /private && chmod 755 /private && mv /ssh /private
However, I don't see why you're so resistant with making "/" non-writeable
for anyone that's not your user... Since you're the only user on the
machine, the only other concievable users that would be affected are
internal Windows users, like "LocalSystem" (a.k.a. SYSTEM), and I can see
no reason in allowing them to write to "/" (you can always make
subdirectories of root writeable).
|\ _,,,---,,_ firstname.lastname@example.org
ZZZzz /,`.-'`' -. ;-;;,_ email@example.com
|,4- ) )-,_. ,\ ( `'-' Igor Pechtchanski, Ph.D.
'---''(_/--' `-'\_) fL a.k.a JaguaR-R-R-r-r-r-.-.-. Meow!
"The Sun will pass between the Earth and the Moon tonight for a total
Lunar eclipse..." -- WCBS Radio Newsbrief, Oct 27 2004, 12:01 pm EDT
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html