Subject: sshd/rsa problem with directory permissions/ownership
To: None <firstname.lastname@example.org>
From: Matthias Buelow <email@example.com>
Date: 03/15/2001 21:57:00
today I experienced some problems with sshd and RSA authentication
wrt sshd not being able to access the authorized_keys file which
resides below a directory hierarchy where one directory is not accessible
by sshd after it's seteuid() to the user's uid.
The problem is as following:
Let "homedirs" be the directory under which user home directories are
Let "people" be the primary group of all users of which the home
directories live below homedirs.
Let "user" be a user of group people.
Homedir has owner/group "root"/"people" and permissions "rwxr-x---".
This was setup this way so that users who are not in group people cannot
access homedirs or anything below it.
User has properly setup his account for RSA authentication by adding
the remote machine's identity.pub to the .ssh/authorized_keys file.
Now user connects to the sshd.
What happens is: sshd sets the effective user id to user's uid(only uid,
gid stays as it is) and attempts to read homedirs/user.ssh/authorized_keys.
This fails, since sshd now runs as user/wheel whereas homedirs can only
be accessed by root/people.
Setting o+x on "homedirs" works around this problem but may not be the
desired solution. I'd like to know now if it would be adequate for
sshd to also setegid() to user's gid instead of keeping gid 0.
At least in this particular case, sshd could then access homedirs
without the need of having to give directory access to non-group members.
This will of course fail if homedirs' got a totally unrelated group-id
but this would (imho) be a rather rare case.