On Tue, 30 Jan 2007, Ryan Findley wrote:

> My question: is there a way to have ssh and/or sshd tell you WHY a
> public key is being rejected (specifically the permissions thing)?
> If so, can someone point me at a good document? I'm using OpenSSH
> 3.9p1 under RHEL4 (at the moment) and can upgrade if it's in a newer
> version.
> If not, would the OpenSSH team consider adding this feature? I'm
> betting I could probably manage the changes necessary, and submit a
> patch...


I don't think we want to tell the client exactly what is wrong
wrt authorized_keys permissions. How do you know the client is not
evil before you tell them that their authorized_keys is word-writable?

-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
http://lists.mindrot.org/mailman/lis...enssh-unix-dev