Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
openssh_keypair: make sure public key has same permissions as private key #61658
I think this is worth a small discussion whether this is a regular bugfix (which should be backported to stable-2.8) or a breaking change bugfix, which should maybe not be backported (and only included in stable-2.9).
The situation described in #61411 is definitely bad: you don't want to have the public key file be owned by the Ansible user when the private key is owned by someone completely different. I think the main problem are the permissions: users potentially want the private key to have very strict permissions, while the public key should be available to a larger audience.
I think it is still better to use the same settings for both keys, simply because these files are kept right to each others and users also get that when running
Any opinions on this?