Enable using host's .ssh folder #731

Closed
ashic opened this issue Aug 3, 2016 · 7 comments

@ashic
ashic commented Aug 3, 2016

I tried creating a symlink from /mnt/e/ashic/.ssh to ~/.ssh. The symlink works, but if I try to ssh with it, I get

Bad owner or permissions on /home/ashic/.ssh/config

I tried to chown the config file, but as it's on a mount, it doesn't change the permissions. I tried creating a symlink, and changing the permissions on the symlink. The permissions do change, but I still get the Bad Owner issue. It'd be great if we could allow such ownership modifications, or have some other way to use a shared .ssh folder.

@fpqc
fpqc commented Aug 3, 2016

DriveFS doesn't support linux-style permissions or symlinking from the user home's special FS right now, I think.

Edit: You can fix this by removing the terminal slash at the end of the path, but you will have another problem due to file permissions afterwards. If the private key has permissions set too permissively, ssh will not start.

An option is to do a Windows junction point, pointing the folder on your Windows side to the one in the lxss user home, but if you save over the known_hosts file from Windows, or generate new ssh keys, it will make it disappear in bash.

@ashic
Author

ashic commented Aug 3, 2016

Interesting... do you know where in the host machine the ubuntu folders might be located?

@fpqc
fpqc commented Aug 3, 2016

The location of /home is
%localappdata%\lxss\home

It is purposely hidden to avoid having windows programs write directly into it, since it uses special filesystem-level hidden attributes to implement the linux permissions system, and these attributes are not respected by most unaware Windows applications. There should be no problem with Windows applications reading from it though.

Hopefully good editors like VS code and sublime will add the ability to write these files while respecting their Linux permissions sooner or later.

@MadLittleMods
Related to #149

@rodrymbo
rodrymbo commented Aug 4, 2016

It can be tricky to get the permissions set up properly on ~/.ssh without symlinks, because things like private keys and authorized_keys are there, and it relies on those (unix) permissions for security. Having other users able to read and/or change those files would be a huge problem. So sshd checks the permissions and is extraordinarily picky.

When I have had occasion to edit files in .ssh in linux, I frequently have to fix permissions so sshd is happy. That's without using symlinks or other fancy techniques.

On the other hand, the files in ~/.ssh aren't that big, and you shouldn't need to mess with them that often. Maybe you could just leave them in ~/.ssh without symlinks?

If you need to edit them from Windows, you could do so in DriveFS somewhere, then copy them into .ssh and then check permissions. But in any case, the "and then check permissions" is pretty much mandatory any time you do anything with ~/.ssh .

I think the problem with most editors is that they write a new temporary file, then delete (or rename) the original (along with its special lxss attributes) and then rename the temporary file to the name of the original. Since the new file doesn't have the extended attributes, lxss refuses to notice it. I have seen my Windows text editor be able to preserve a file's usefulness in WSL when I set it to keep the original instead of doing the little dance with temporary files. But don't tell anyone I said that, or blame me if the file disappears.
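The "and then check permissions" step from the comment above, as an added example that is not part of the thread or the project's code: two shell functions that report and tighten modes in a `.ssh` directory. It assumes GNU `stat` (as on Ubuntu under WSL) and the conventional OpenSSH layout of 700 for the directory, 644 for `*.pub` and `known_hosts`, and 600 for everything else; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes GNU stat (Ubuntu/WSL) and the
# conventional OpenSSH layout; function names are hypothetical.

# Most permissive mode accepted for a path: directory 700, public material
# 644, everything else (private keys, config, authorized_keys) 600.
max_mode() {
    if [ -d "$1" ]; then echo 700; return; fi
    case "$(basename "$1")" in
        *.pub|known_hosts|known_hosts.old) echo 644 ;;
        *) echo 600 ;;
    esac
}

# Report entries that grant bits beyond max_mode or are not owned by the
# current user. -L follows symlinks, so the target's mode is judged.
# Prints one line per finding; returns 1 if there is any finding.
ssh_perm_check() {
    dir=$1; bad=0; me=$(id -u)
    for f in "$dir" "$dir"/*; do
        [ -e "$f" ] || continue
        mode=$(stat -L -c %a "$f"); owner=$(stat -L -c %u "$f")
        max=$(max_mode "$f")
        extra=$(( 0$mode & ~0$max & 0777 ))
        if [ "$extra" -ne 0 ] || [ "$owner" != "$me" ]; then
            echo "$f mode=$mode owner=$owner max=$max"
            bad=1
        fi
    done
    return "$bad"
}

# Strip only the excess bits; a stricter mode such as 400 is left alone.
ssh_perm_fix() {
    dir=$1
    for f in "$dir" "$dir"/*; do
        [ -e "$f" ] || continue
        mode=$(stat -L -c %a "$f"); max=$(max_mode "$f")
        chmod "$(printf '%o' $(( 0$mode & 0$max )))" "$f"
    done
}
```

Typical use is `ssh_perm_check ~/.ssh || ssh_perm_fix ~/.ssh` against the copy in the Linux home, since the thread reports that permission changes do not take effect on the mounted Windows drive.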

@fpqc
fpqc commented Aug 4, 2016

@rodrymbo yep that's exactly why it gets deleted.

@therealkenc
Collaborator

This was addressed in 17063. #81 and friends.
