This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: ssh-host-config requires cygminires.dll


Hello again,

I have just checked the ownership of .pub files, and they are readable by everyone.

Brian Dessent wrote:

Brian Dessent wrote:


ssh_host_*_key.pub are owned by the user that has run ssh-host-config
Is it OK ?

If you ran the above commands they should be owned by SYSTEM.  The idea
here is that those files contain the private half of the host's
public/private keypair, and this is sensitive data.  So the file should
be readable only by the account that runs the ssh daemon.  If you are
the only local user then it doesn't really matter much as you can be
trusted, but on an actual multiuser posix system you would want to
restrict the host key files accordingly.


Sorry, I realize I misread. The .pub files are the public half of the keypair, and should be world-readable by anyone. The ones that don't end in .pub are the private half of the keypair and should be restricted.

Brian

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/





--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]