2078 – Documentation claims ~.ssh/config must not be accessible by others when actually it must not be readable

Bug 2078 - Documentation claims ~.ssh/config must not be accessible by others when actually it must not be readable

Summary: Documentation claims ~.ssh/config must not be accessible by others when actua...

Status:	CLOSED FIXED

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	Documentation (show other bugs)
Version:	5.9p1
Hardware:	Other Linux

Importance:	P5 minor
Assignee:	Assigned to nobody

URL:
Keywords:

Depends on:
Blocks:	V_6_3
	Show dependency tree / graph

Reported:	2013-03-12 23:35 AEDT by Paul Gotch
Modified:	2015-08-11 23:03 AEST (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Paul Gotch 2013-03-12 23:35:32 AEDT

The ssh man page claims

~/.ssh/config
This is the per-user configuration file.  The file format and
configuration options are described in ssh_config(5).  Because of
the potential for abuse, this file must have strict permissions:
read/write for the user, and not accessible by others.

However in fact this file must only not be writeable by others and this is what ssh checks for.

Comment 1 Damien Miller 2013-07-18 11:12:41 AEST

-read/write for the user, and not accessible by others.
+read/write for the user, and not writable by others.

committed and will be in openssh-6.3

Comment 2 Damien Miller 2015-08-11 23:03:12 AEST

Set all RESOLVED bugs to CLOSED with release of OpenSSH 7.1