http://bugzilla.mindrot.org/show_bug.cgi?id=988
Summary: sshd StrictModes check failed with fs acl
Product: Portable OpenSSH
Version: 3.9p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-bugs@mindrot.org
ReportedBy: coil93@mail.ee
Tested on reiserfs (Suse linux 9.2)
How to repeat:
1) StrictModes and PubkeyAuthentication must be enabled for sshd on remote host
2) Create user test on remote host with homedir /home/test
and homedir permissions - owner test, mode 0700
3) Create authkeys pair for user test and cat public key into
/home/test/.ssh/authorized_keys
4) Set acl on /home/test like "setfacl -m u:test:rwx /home/test"
5) Try to login as test on remote host via ssh
Results:
PubkeyAuthentication failed.
sshd error message:
"debug1: trying public key file /home/test/.ssh/authorized_keys
debug3: secure_filename: checking '/home/test/.ssh'
debug3: secure_filename: checking '/home/test'
Authentication refused: bad ownership or modes for directory /home/test"
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
Summary: sshd StrictModes check failed with fs acl
Product: Portable OpenSSH
Version: 3.9p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-bugs@mindrot.org
ReportedBy: coil93@mail.ee
Tested on reiserfs (Suse linux 9.2)
How to repeat:
1) StrictModes and PubkeyAuthentication must be enabled for sshd on remote host
2) Create user test on remote host with homedir /home/test
and homedir permissions - owner test, mode 0700
3) Create authkeys pair for user test and cat public key into
/home/test/.ssh/authorized_keys
4) Set acl on /home/test like "setfacl -m u:test:rwx /home/test"
5) Try to login as test on remote host via ssh
Results:
PubkeyAuthentication failed.
sshd error message:
"debug1: trying public key file /home/test/.ssh/authorized_keys
debug3: secure_filename: checking '/home/test/.ssh'
debug3: secure_filename: checking '/home/test'
Authentication refused: bad ownership or modes for directory /home/test"
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.