- markus@cvs.openbsd.org 2008/02/04 21:53:00
[session.c sftp-server.c sftp.h]
link sftp-server into sshd; feedback and ok djm@
+ - mcbride@cvs.openbsd.org 2008/02/09 12:15:43
+ [ssh.1 sshd.8]
+ Document the correct permissions for the ~/.ssh/ directory.
+ ok jmc
20080119
- (djm) Silence noice from expr in ssh-copy-id; patch from
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh.1,v 1.271 2008/01/19 19:13:28 djm Exp $
+.\" $OpenBSD: ssh.1,v 1.272 2008/02/09 12:15:43 mcbride Exp $
.Dd $Mdocdate$
.Dt SSH 1
.Os
but allows host-based authentication without permitting login with
rlogin/rsh.
.Pp
+.It ~/.ssh/
+This directory is the default location for all user-specific configuration
+and authentication information.
+There is no general requirement to keep the entire contents of this directory
+secret, but the recommended permissions are read/write/execute for the user,
+and not accessible by others.
+.Pp
.It ~/.ssh/authorized_keys
Lists the public keys (RSA/DSA) that can be used for logging in as this user.
The format of this file is described in the
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd.8,v 1.237 2007/06/07 19:37:34 pvalchev Exp $
+.\" $OpenBSD: sshd.8,v 1.238 2008/02/09 12:15:43 mcbride Exp $
.Dd $Mdocdate$
.Dt SSHD 8
.Os
but allows host-based authentication without permitting login with
rlogin/rsh.
.Pp
+.It ~/.ssh/
+This directory is the default location for all user-specific configuration
+and authentication information.
+There is no general requirement to keep the entire contents of this directory
+secret, but the recommended permissions are read/write/execute for the user,
+and not accessible by others.
+.Pp
.It ~/.ssh/authorized_keys
Lists the public keys (RSA/DSA) that can be used for logging in as this user.
The format of this file is described above.