Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

Good Job, cPanel
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Good Job, cPanel

raindog308raindog308 Administrator, Veteran
in General

Before

image

Now We Auth the Key

image

After

image

Ladies and gentlemen, I give you the web hosting industry's most reliable, intuitive control panel since 1997.

Thanked by 9deadbeef FlamesRunner doghouch HyperSpeed Harambe adxn varwww lazyt dimon222

Comments

  • deadbeefdeadbeef Member

    Are you complaining because it promotes openness? :p

  • ricardoricardo Member

    You learn something every day. Never used ll, always ls.

    Not quite sure what the issue is with a public key being readable, maybe a security guru can enlighten me.

    Thanked by 1HyperSpeed
  • trewqtrewq Administrator, Patron Provider

    @ricardo said:
    You learn something every day. Never used ll, always ls.

    ll is an alias for ls - l :)

    Thanked by 2ricardo HyperSpeed
  • NeoonNeoon Community Contributor, Veteran
    edited March 2017

  • raindog308raindog308 Administrator, Veteran

    ricardo said: Not quite sure what the issue is with a public key being readable, maybe a security guru can enlighten me.

    authorized_keys has to be mode 0600 or sshd ignores it. cPanel really should know that.

    Thanked by 3vimalware WSS lazyt
  • raindog308raindog308 Administrator, Veteran

    deadbeef said: Are you complaining because it promotes openness? :p

    Depends on your point of view...since having the wrong perms on authorized_keys prevents it from working, I'm thinking it's not promoting openness.

    Thanked by 1deadbeef
  • deadbeefdeadbeef Member

    @raindog308 said:

    deadbeef said: Are you complaining because it promotes openness? :p

    Depends on your point of view...since having the wrong perms on authorized_keys prevents it from working, I'm thinking it's not promoting openness.

    Lol, touché.

  • ricardoricardo Member

    raindog308 said: authorized_keys has to be mode 0600 or sshd ignores it. cPanel really should know that.

    Gotcha. I've came across something along those lines a few times, though I've just logged into two random servers I use and they're 0644. One root and one non-root.

  • classyclassy Member

    raindog308 said: authorized_keys has to be mode 0600 or sshd ignores it. cPanel really should know that.

    I think you're confusing this with the fact that the ssh client won't ever take a private key without chmod 600. Authorized_keys as 644 has always worked fine for me.

    Thanked by 1ricardo
  • AuroraZAuroraZ Barred

    Then they wonder why shit hits the fan. Nice catch @raindog308.

  • raindog308raindog308 Administrator, Veteran

    classy said: I think you're confusing this with the fact that the ssh client won't ever take a private key without chmod 600. Authorized_keys as 644 has always worked fine for me.

    Holy crap, you're right. I've always done 0600 on both sides...apparently you don't need it on the server side. But you do on the client. Odd...but...well, you're right, cPanel's right, and I'm wrong.

    OK, nothing to see here folks...

    image

    Thanked by 7Four20 DrFallen HyperSpeed nulldev layfon saf31 luissousa
  • DigitalFyreDigitalFyre Member

    Thanked by 8Four20 raindog308 DrFallen HyperSpeed imok saf31 varwww luissousa
  • frkfrk Member

    Especially since theres no need to hide your pub keys from anyone, they are called 'public' for a reason.

  • WSSWSS Member

    just post your id_dsa id_rsa id_e6969 and that stuff. We'll convert it into .pub for you.

  • HassanHassan Member, Patron Provider

    @WSS said:
    just post your id_dsa id_rsa id_e6969 and that stuff. We'll convert it into .pub for you.

    LMAO

  • rds100rds100 Member
    edited March 2017

    The authorized_keys file does not need to be 600. It can be 644 just fine. It is enough that the .ssh directory is 700

    The authorized_keys files contains just public keys, which are... "public". You need to keep the private keys secret, not the public keys.

  • sergsergiusergsergiu Member

    Well 0600 is about private keys. You can put public keys on your blog public page :p

  • jcalebjcaleb Member

    Auth keys ok, key pair not ok

Sign In or Register to comment.