New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Good Job, cPanel
raindog308
Administrator, Veteran
in General
Before
Now We Auth the Key
After
Ladies and gentlemen, I give you the web hosting industry's most reliable, intuitive control panel since 1997.
Comments
Are you complaining because it promotes openness?
You learn something every day. Never used
ll
, alwaysls
.Not quite sure what the issue is with a public key being readable, maybe a security guru can enlighten me.
ll
is an alias forls - l
authorized_keys has to be mode 0600 or sshd ignores it. cPanel really should know that.
Depends on your point of view...since having the wrong perms on authorized_keys prevents it from working, I'm thinking it's not promoting openness.
Lol, touché.
Gotcha. I've came across something along those lines a few times, though I've just logged into two random servers I use and they're 0644. One root and one non-root.
I think you're confusing this with the fact that the ssh client won't ever take a private key without chmod 600. Authorized_keys as 644 has always worked fine for me.
Then they wonder why shit hits the fan. Nice catch @raindog308.
Holy crap, you're right. I've always done 0600 on both sides...apparently you don't need it on the server side. But you do on the client. Odd...but...well, you're right, cPanel's right, and I'm wrong.
OK, nothing to see here folks...
Especially since theres no need to hide your pub keys from anyone, they are called 'public' for a reason.
just post your id_dsa id_rsa id_e6969 and that stuff. We'll convert it into .pub for you.
LMAO
The authorized_keys file does not need to be 600. It can be 644 just fine. It is enough that the .ssh directory is 700
The authorized_keys files contains just public keys, which are... "public". You need to keep the private keys secret, not the public keys.
Well 0600 is about private keys. You can put public keys on your blog public page
Auth keys ok, key pair not ok