[OpenAFS-devel] User-friendly Mac OS X patch causes SSH hardship
Atro Tossavainen
Atro.Tossavainen@helsinki.fi
Sun, 4 Feb 2007 21:41:36 +0200 (EET)
Hi,
The permission-faking patch in the Mac OS X port of OpenAFS is
causing some unexpected trouble here.
When users' home directories are on AFS and they have SSH key files
in $HOME/.ssh which they would like to use for logging in to other
computers, OpenSSH throws a tantrum because the permissions appear
too permissive. I imagine it might also not be the only program
that thinks it knows something by virtue of the UNIX mode bits of
the files and directories involved. I am aware of the Finder-related
reasoning for the fake permissions patch, am just wondering if there
is a workaround or a compromise that would satisfy Finder but would
not cause SSH any extra hard times either.
mac% ssh othermachine
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0666 for '$HOME/.ssh/id_dsa' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: $HOME/.ssh/id_dsa
Enter passphrase for key '$HOME/.ssh/id_dsa':
--
Atro Tossavainen (Mr.) / The Institute of Biotechnology at
Systems Analyst, Techno-Amish & / the University of Helsinki, Finland,
+358-9-19158939 UNIX Dinosaur / employs me, but my opinions are my own.
< URL : http : / / www . helsinki . fi / %7E atossava / > NO FILE ATTACHMENTS