Re: [PLUG] Problems with password-less SSH - SOLVED

Kyle R. Burton on 21 Jul 2010 08:12:55 -0700




> Jul 21 09:55:55 phaserv1 sshd[17334]: Authentication refused: bad ownership
> or modes for directory /ftp-area/FileCollector
>
> All the home folders come under the /ftp-area for this server. And all have
> group W permissions set (so that a job that executes as a specific user can
> go into each of those home folders and clean them up).
>
> So the perms were
>
> drwxrwxr-x  3 FileCollector FileCollector 4096 Jul 21 08:56 FileCollector
>
> That was it - removing the group WRITE permission allowed SSH to work. So it
> was a permissions issue, after all. Just not on the .ssh directory, or the
> authorized_keys file ...

Awesome that you found it!

> Now, supposing I need that account to have group WRITE permissions (for
> whatever reason), how would I have told SSH to disregard the perms on the
> home folder? I ask for future reference only.

I think I'd make a group writable sub-directory instead (configure
your ftp server to point into there - or whatever software needs
access to the writable spot). ssh needs strong perms on all the
directories leading up to and including the .ssh directory and its
contents - if they're not strong, then someone can potentially move
(rename) the directory and substitute an alternate.

Kyle
-- 
Twitter: @kyleburton
Blog: http://asymmetrical-view.com/
Fun: http://snapclean.me/
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
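
Added example, not part of the original thread and not OpenSSH's own code: a Python approximation of the check behind the logged "bad ownership or modes" message. It walks from authorized_keys up to the home directory and flags any component that is group- or world-writable or not owned by the user or root. The function names and the temporary sample tree are constructed for this example.

```python
import os
import stat
import tempfile

def audit_key_path(key_file, home, uid):
    """Return (path, problem) pairs for every component between key_file and
    home (inclusive) that is not owned by uid/root or is group/world-writable."""
    findings = []
    home = os.path.realpath(home)
    path = os.path.realpath(key_file)
    while True:
        st = os.stat(path)
        if st.st_uid not in (0, uid):
            findings.append((path, "bad owner uid %d" % st.st_uid))
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append((path, "group/world-writable, mode %04o"
                             % stat.S_IMODE(st.st_mode)))
        if path == home:
            break
        parent = os.path.dirname(path)
        if parent == path:  # reached / without passing through home
            findings.append((key_file, "not located under " + home))
            break
        path = parent
    return findings

def demo(home_mode):
    """Build a constructed home directory with the given mode and audit it."""
    with tempfile.TemporaryDirectory() as base:
        home = os.path.join(base, "FileCollector")
        ssh_dir = os.path.join(home, ".ssh")
        os.makedirs(ssh_dir)
        key_file = os.path.join(ssh_dir, "authorized_keys")
        open(key_file, "w").close()
        os.chmod(key_file, 0o600)
        os.chmod(ssh_dir, 0o700)
        os.chmod(home, home_mode)
        real_home = os.path.realpath(home)
        # Report paths relative to the home directory so output is stable.
        return [(os.path.relpath(p, real_home), why)
                for p, why in audit_key_path(key_file, home, os.getuid())]

if __name__ == "__main__":
    for mode in (0o775, 0o755):  # mode shown in the thread, then the fix
        print("%04o ->" % mode, demo(mode) or "ok")
```
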


