Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SSH pubkeyauthentication for additional jail user accounts #419

Closed
VincentBentley opened this issue Jun 30, 2019 · 1 comment
Assignees

Comments

@VincentBentley
Copy link

@VincentBentley VincentBentley commented Jun 30, 2019

Mandatory info for bug reports:

FreeBSD version ( uname -a ): 12.0-RELEASE-p6

CBSD version ( cbsd version ): 12.0.12

I don't think that this is really a bug, more of an annoyance for those people that need to setup SSH with public key authentication on additional user accounts created by jconstruct-tui E.g. for Ansible.

The home directory of the additional user is created with g+w permission. To get SSH public key authentication working the home directory needs to be chmod 700.

Obviously, to get SSH working for the additional user lots of other things need to be done such as generating keys which is why I think this issue is more of an annoyance than a bug as it could be done by another script written by the SysAdmin that does this prep. It's annoying if you are unaware of the SSH requirement for tighter home directory permissions or have forgotten about it and spent some time trying to debug the SSH connection.

If jconstruct-tui creates additional home directories with mode 700 it would be one less thing to be concerned about when setting up jail user accounts.

@olevole olevole self-assigned this Jul 1, 2019
olevole added a commit that referenced this issue Jul 1, 2019
@olevole

This comment has been minimized.

Copy link
Collaborator

@olevole olevole commented Jul 1, 2019

I preferred to set the FreeBSD default rights (0755, not 0700). This is an acceptable option for openssh. Please reopen if it doesn't work, thanks!

@olevole olevole closed this Jul 1, 2019
olevole added a commit that referenced this issue Jul 1, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.