Debian Bug report logs - #163202
ssh: ssh with public key authentication seems paranoid about home dir permissions

version graph

Package: ssh; Maintainer for ssh is Debian OpenSSH Maintainers <[email protected]>; Source for ssh is src:openssh (PTS, buildd, popcon).

Reported by: era eriksson <[email protected]>

Date: Thu, 3 Oct 2002 12:48:01 UTC

Severity: normal

Found in version 1:3.4p1-1

Full log

Message #10 received at [email protected] (full text, mbox, reply):

Received: (at 163202) by bugs.debian.org; 4 Oct 2002 06:49:43 +0000
From [email protected] Fri Oct 04 01:49:43 2002
Return-path: <[email protected]>
Received: from rhols66.adsl.netsonic.fi (there.afraid.org) [194.29.198.66] 
	by master.debian.org with esmtp (Exim 3.12 1 (Debian))
	id 17xMHO-0003wv-00; Fri, 04 Oct 2002 01:49:42 -0500
Received: from era by there.afraid.org with local (Exim 3.35 #1 (Debian))
	id 17xMHL-0007Qm-00
	for <[email protected]>; Fri, 04 Oct 2002 09:49:39 +0300
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <[email protected]>
Date: Fri, 4 Oct 2002 09:49:37 +0300
To: [email protected]
Subject: Re: Bug#163202: ssh: ssh with public key authentication seems paranoid about home dir permissions
In-Reply-To: <[email protected]>
References: <[email protected]>
X-Mailer: VM 7.03 under Emacs 20.7.2
From: era eriksson <[email protected]>
Sender: era eriksson <[email protected]>
Delivered-To: [email protected]

On Thu, 03 Oct 2002 15:44:38 +0300, era eriksson <[email protected]> wrote:
 > I tried to set up ssh with public key authentication but it turned out
 > to be impossible without changing the permissions of my home directory.

Sorry for leaving out a couple of "obvious" details.

The home directory on the host I'm trying to log in +to+ were the ones
which were problematic. I haven't looked at how SSH behaves when the
originating client's home directory permissions are lax; presumably
you get roughly the same behavior (but at least hopefully a
user-visible warning).

The message I get in /var/log/auth.log is

Oct  3 14:50:06 there sshd[26047]: Authentication refused: bad ownership or modes for directory /home/era

Even with ssh -d none of this is visible to the client who is trying
to connect, which makes this awfully hard to troubleshoot for a normal
user (who might not even have permissions to look at /var/log/auth.log).

/* era */

-- 
   tee -a $HOME/.signature <$HOME/.plan >http://www.iki.fi/era/index.html

Send a report that this bug log contains spam.

Debian bug tracking system administrator <[email protected]>. Last modified: Tue May 13 17:38:42 2025; Machine Name: buxtehude

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU General Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.