[Libguestfs] [PATCH] customize: Create .ssh as 0700 and .ssh/authorized_keys as 0600 (RHBZ#1260778).
Pino Toscano
ptoscano at redhat.com
Tue Sep 8 08:21:04 UTC 2015
On Monday 07 September 2015 22:16:47 Richard W.M. Jones wrote:
> Both ssh-copy-id and ssh create .ssh as 0700. ssh-copy-id creates
> .ssh/authorized_keys as 0600.
>
> Thanks: Ryan Sawhill for finding the bug.
Mostly LGTM, except ...
> ---
> customize/ssh_key.ml | 4 ++--
> src/guestfs.pod | 17 +++++++++++++++++
> 2 files changed, 19 insertions(+), 2 deletions(-)
>
> diff --git a/customize/ssh_key.ml b/customize/ssh_key.ml
> index 09664bf..dd6056f 100644
> --- a/customize/ssh_key.ml
> +++ b/customize/ssh_key.ml
> @@ -119,14 +119,14 @@ let do_ssh_inject_unix (g : Guestfs.guestfs) user selector =
> let ssh_dir = sprintf "%s/.ssh" home_dir in
> if not (g#exists ssh_dir) then (
> g#mkdir ssh_dir;
> - g#chmod 0o755 ssh_dir
> + g#chmod 0o700 ssh_dir
> );
>
> (* Create ~user/.ssh/authorized_keys if it doesn't exist. *)
> let auth_keys = sprintf "%s/authorized_keys" ssh_dir in
> if not (g#exists auth_keys) then (
> g#touch auth_keys;
> - g#chmod 0o644 auth_keys
> + g#chmod 0o600 auth_keys
> );
>
> (* Append the key. *)
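Review bot: both chmod calls sit inside the `if not (g#exists ...)` branches, so a `.ssh` directory or `authorized_keys` file that already exists in the guest with a wider mode is left as it is, and the key is still appended to it. If that is intended, say so in the comments above the two blocks; otherwise consider checking the mode of an existing directory and file and either tightening it or warning when it is group- or world-accessible.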
> diff --git a/src/guestfs.pod b/src/guestfs.pod
> index 75afa9d..366d6f5 100644
> --- a/src/guestfs.pod
> +++ b/src/guestfs.pod
> @@ -2244,6 +2244,23 @@ allowed a malformed filesystem to take over the appliance.
>
> If you use sVirt to confine qemu, that would thwart some attacks.
>
> +=head2 Permissions of F<.ssh> and F<.ssh/authorized_keys>
> +
> +L<https://bugzilla.redhat.com/1260778>
> +
> +The tools L<virt-customize(1)>, L<virt-sysprep(1)> and
> +L<virt-builder(1)> have an I<--ssh-inject> option for injecting an SSH
> +key into virtual machine disk images. They may create a F<~user/.ssh>
> +directory and F<~user/.ssh/authorized_keys> file in the guest to do
> +this.
> +
> +In libguestfs E<lt> 1.31.5 and libguestfs E<lt> 1.30.1, the new
... the stable version here, which should be < 1.30.2.
> +directory and file would get mode C<0755> and mode C<0644>
> +respectively. However these permissions (especially for
> +F<~user/.ssh>) are wider than the permissions that OpenSSH uses. In
> +current libguestfs, the directory and file are created with mode
> +C<0700> and mode C<0600>.
> +
> =head1 CONNECTION MANAGEMENT
>
> =head2 guestfs_h *
>
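Review bot: the new section says the old modes are wider than what OpenSSH uses, but it gives no guidance for disk images that an affected version has already processed with I<--ssh-inject>; a `.ssh` directory and `authorized_keys` file created there keep 0755 and 0644 until someone changes them. A sentence telling users to check and chmod F<~user/.ssh> and F<~user/.ssh/authorized_keys> in such images would make the entry actionable. Separately, "libguestfs E<lt> 1.31.5 and libguestfs E<lt> 1.30.1" reads as one combined condition; stating which bound applies to the development series and which to the stable series would remove the ambiguity.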
Thanks,
--
Pino Toscano