On Tue, 30 Jan 2007, Ryan Findley wrote:

> My question: is there a way to have ssh and/or sshd tell you WHY a
> public key is being rejected (specifically the permissions thing)?
> If so, can someone point me at a good document? I'm using OpenSSH
> 3.9p1 under RHEL4 (at the moment) and can upgrade if it's in a newer
> version.
> If not, would the OpenSSH team consider adding this feature? I'm
> betting I could probably manage the changes necessary, and submit a
> patch...

I don't think we want to tell the client exactly what is wrong
wrt authorized_keys permissions. How do you know the client is not
evil before you tell them that their authorized_keys is word-writable?

openssh-unix-dev mailing list