Skip to content

Ensure correct permissions for ~/.ssh/config #32

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Ensure correct permissions for ~/.ssh/config #32

wants to merge 1 commit into from

Conversation

rikusilvola
Copy link

This patch automates setting the correct file permissions of the ssh client configuration file, which might otherwise be too permissive, should it already exist.

@rikusilvola
Copy link
Author

I see I've mistakenly created this PR to release branch. Would you like me to cancel this and make another for the master branch?

@dolmen
Copy link
Owner

dolmen commented Dec 8, 2016
edited
Loading

Yes. Make a new PR based on the master branch.
And a better fix would be to set umask before file creation.

@dolmen dolmen added the bug label Dec 8, 2016
@rikusilvola
Copy link
Author

rikusilvola commented Dec 8, 2016
edited
Loading

@dolmen, that is the case already if the filed doesn't exist. This bug only occurs when the config file exists, and has incorrect permissions, thus requiring changing them.

@rikusilvola rikusilvola mentioned this pull request Dec 8, 2016
Closed
@dolmen
Copy link
Owner

dolmen commented Dec 10, 2016

Do you mean that github-keygen should fix a bug introduced by someone else (may be the user himself)? I disagree.
Or maybe the user really wants other permissions than 0600 (for example to share the config with multiple users of the same group) and github-keygen would break that. I do not see any valid reason to be stricter about permissions on ~/.ssh/config than ssh itself (which allows mode 0660 for example).

@dolmen dolmen closed this Dec 10, 2016
@dolmen dolmen removed the bug label Dec 10, 2016
dolmen added a commit that referenced this pull request Dec 15, 2016
@dolmen
Detect bad permissions on ~/.ssh/config (closes #32, #34)
fd4d9f7 
Detect bad permissions and fail, with a fix suggestion.
Contrary to pull requests #32, #34 we do not silently fix the issue
because:
- that is not our responsability: if the user did a bad thing he should
  be aware of it and be empowered to fix it.
- to keep user trust doing things silently is forbidden by our policy.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@rikusilvola @dolmen