[PLUG] Perms and ownership of ~/.ssh?

Jason LaPier jason.lapier at gmail.com
Tue Jan 24 20:22:22 UTC 2012


On Tue, Jan 24, 2012 at 12:10 PM, Rich Shepard <rshepard at appl-ecosys.com>wrote:

>   My secure log watch summary keeps telling me there's a problem with
> ownership or permissions on ~/.ssh. Currently it's 755 and owned by me.
> I've
> not changed it so I don't know why I'm suddenly getting this error. The
> exact message is:
>
>  Authentication refused:
>     bad ownership or modes for directory /home/rshepard/.ssh : 6 Time(s)
>
>   Since I logged in remotely via ssh 6 times yesterday (from Carson City
> and
> Reno), I suppose the authentication messages refer to those connections.
> But, they went through with no problems.
>
>   Can someone explain what the message might be telling me?
>

Your .ssh directory is not supposed to be world readable; if you were on a
box that someone else had access to (I suspect you're not), they could
navigate to your home directory, copy your private keys out of .ssh, and
then log in as you on any box that has your public key already.

Like I said, you probably don't have much to worry about if you're the only
user on that box, but if you want to set it up properly, set your .ssh
directory to 700 (and any files within to 600).

- Jason



More information about the PLUG mailing list