sshd will refuse to accept public key authentication if the user's home directory is group-accessible, even if ~/.ssh is set to 700? If the permissions on ~/.ssh are acceptable, why do the permissions on ~ matter?
Answer
I guess the reason is that if your home directory is writable by someone else, then a malicious user can create ~/.ssh, add desired keys and then change permissions on it to 700.
Even if you already have a ~/.ssh, it can simply be renamed to something else and a new one created.
However, on modern systems such trick is usually not possible due to chown working only for super-user, this has not always been the case:
In earlier versions of UNIX, all users could run the chown command to change the ownership of a file that they owned to that of any other user on the system. (http://www.diablotin.com/librairie/networking/puis/ch05_07.htm)
Whether chmod behaves one way or another depends on libc compilation options, and for the sake of security OpenSSH server is slightly paranoid.
No comments:
Post a Comment