[Libguestfs] [PATCH] customize: Create .ssh as 0700 and .ssh/authorized_keys as 0600 (RHBZ#1260778).

Pino Toscano ptoscano at redhat.com
Tue Sep 8 08:21:04 UTC 2015


On Monday 07 September 2015 22:16:47 Richard W.M. Jones wrote:
> Both ssh-copy-id and ssh create .ssh as 0700.  ssh-copy-id creates
> .ssh/authorized_keys as 0600.
> 
> Thanks: Ryan Sawhill for finding the bug.

Mostly LGTM, except ...

> ---
>  customize/ssh_key.ml |  4 ++--
>  src/guestfs.pod      | 17 +++++++++++++++++
>  2 files changed, 19 insertions(+), 2 deletions(-)
> 
> diff --git a/customize/ssh_key.ml b/customize/ssh_key.ml
> index 09664bf..dd6056f 100644
> --- a/customize/ssh_key.ml
> +++ b/customize/ssh_key.ml
> @@ -119,14 +119,14 @@ let do_ssh_inject_unix (g : Guestfs.guestfs) user selector =
>    let ssh_dir = sprintf "%s/.ssh" home_dir in
>    if not (g#exists ssh_dir) then (
>      g#mkdir ssh_dir;
> -    g#chmod 0o755 ssh_dir
> +    g#chmod 0o700 ssh_dir
>    );
>  
>    (* Create ~user/.ssh/authorized_keys if it doesn't exist. *)
>    let auth_keys = sprintf "%s/authorized_keys" ssh_dir in
>    if not (g#exists auth_keys) then (
>      g#touch auth_keys;
> -    g#chmod 0o644 auth_keys
> +    g#chmod 0o600 auth_keys
>    );
>  
>    (* Append the key. *)
> diff --git a/src/guestfs.pod b/src/guestfs.pod
> index 75afa9d..366d6f5 100644
> --- a/src/guestfs.pod
> +++ b/src/guestfs.pod
> @@ -2244,6 +2244,23 @@ allowed a malformed filesystem to take over the appliance.
>  
>  If you use sVirt to confine qemu, that would thwart some attacks.
>  
> +=head2 Permissions of F<.ssh> and F<.ssh/authorized_keys>
> +
> +L<https://bugzilla.redhat.com/1260778>
> +
> +The tools L<virt-customize(1)>, L<virt-sysprep(1)> and
> +L<virt-builder(1)> have an I<--ssh-inject> option for injecting an SSH
> +key into virtual machine disk images.  They may create a F<~user/.ssh>
> +directory and F<~user/.ssh/authorized_keys> file in the guest to do
> +this.
> +
> +In libguestfs E<lt> 1.31.5 and libguestfs E<lt> 1.30.1, the new

... the stable version here, which should be < 1.30.2.

> +directory and file would get mode C<0755> and mode C<0644>
> +respectively.  However these permissions (especially for
> +F<~user/.ssh>) are wider than the permissions that OpenSSH uses.  In
> +current libguestfs, the directory and file are created with mode
> +C<0700> and mode C<0600>.
> +
>  =head1 CONNECTION MANAGEMENT
>  
>  =head2 guestfs_h *
> 

Thanks,
-- 
Pino Toscano
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://listman.redhat.com/archives/libguestfs/attachments/20150908/1cf8b906/attachment.sig>


More information about the Libguestfs mailing list