Make sure, .ssh directory and authorized_keys file are kept at correct permissions
This commit is contained in:
parent
99eeb08419
commit
be7ce72ebe
|
@ -69,7 +69,7 @@ func init() {
|
||||||
|
|
||||||
// Determine and create .ssh path.
|
// Determine and create .ssh path.
|
||||||
SshPath = filepath.Join(homeDir(), ".ssh")
|
SshPath = filepath.Join(homeDir(), ".ssh")
|
||||||
if err = os.MkdirAll(SshPath, os.ModePerm); err != nil {
|
if err = os.MkdirAll(SshPath, 0700); err != nil {
|
||||||
log.Fatal(4, "fail to create SshPath(%s): %v\n", SshPath, err)
|
log.Fatal(4, "fail to create SshPath(%s): %v\n", SshPath, err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -155,6 +155,15 @@ func saveAuthorizedKeyFile(key *PublicKey) error {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
finfo, err := f.Stat()
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if finfo.Mode().Perm() > 0600 {
|
||||||
|
log.Error("authorized_keys file has unusual permission flags: " + finfo.Mode().Perm() + " - setting to -rw-r--r--")
|
||||||
|
f.Chmod(0600)
|
||||||
|
}
|
||||||
|
|
||||||
defer f.Close()
|
defer f.Close()
|
||||||
|
|
||||||
_, err = f.WriteString(key.GetAuthorizedString())
|
_, err = f.WriteString(key.GetAuthorizedString())
|
||||||
|
|
Loading…
Reference in a new issue