Recipe 17.13. Setting File Permissions on ssh Files


17.13.1 Problem

You want to be sure that your SSH files and keys have the correct, most secure permissions.

17.13.2 Solution

For user accounts in ~/.ssh, use the following permissions:

~/.ssh
    mode 700
~/.ssh/id_dsa and other private keys
    mode 400
~/.ssh/id_dsa.pub and other public keys
    mode 644
~/.ssh/ssh_config
    mode 644
~/.ssh/known_hosts
    mode 644
~/.ssh/authorized_keys
    mode 644


Files in /etc/ssh should have these permissions:

/etc/ssh
    mode 755
/etc/ssh/sshd_config
    mode 644
/etc/ssh/ssh_config
    mode 644
/etc/ssh/ssh_host_dsa_key and other private keys
    mode 400
/etc/ssh/ssh_host_dsa_key.pub and other public keys
    mode 644
/etc/ssh/moduli
    mode 644
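
One way to check a directory against both lists above, as an added example that is not part of the original recipe. The function names are hypothetical, and the script assumes GNU stat (stat -c), as found on Linux:

```shell
#!/bin/sh
# Added example, not from the book: audit an SSH directory against the
# modes in this recipe. Assumes GNU stat (stat -c), as found on Linux.

# Print the recipe's mode for a file name, or nothing if it is not listed.
expected_mode() {
    case "$1" in
        *.pub)               echo 644 ;;   # public keys
        id_*|ssh_host_*_key) echo 400 ;;   # private keys, and backups like id_dsa~
        ssh_config|sshd_config|known_hosts|authorized_keys|moduli) echo 644 ;;
    esac
}

# Compare one path with its expected mode; uses $fix and $bad set by the caller.
check_one() {
    have=$(stat -c '%a' "$1")
    [ "$have" = "$2" ] && return 0
    echo "$1: mode $have, expected $2"
    bad=1
    if [ "$fix" = fix ]; then chmod "$2" "$1"; fi
}

# audit_ssh_dir DIR DIRMODE [fix]
# DIRMODE is 700 for ~/.ssh and 755 for /etc/ssh. Prints one line per
# mismatch; with "fix" as the third argument it also applies the listed mode.
# Returns 0 if everything already matched, 1 if anything differed.
audit_ssh_dir() {
    dir=$1 dirmode=$2 fix=${3:-} bad=0
    [ -d "$dir" ] || { echo "$dir: not a directory" >&2; return 2; }
    check_one "$dir" "$dirmode"
    for f in "$dir"/*; do
        # Regular files only; symlinks and subdirectories are skipped.
        [ -f "$f" ] && [ ! -L "$f" ] || continue
        want=$(expected_mode "$(basename "$f")")
        [ -n "$want" ] || continue        # file not covered by the recipe
        check_one "$f" "$want"
    done
    return "$bad"
}

# Stand-alone use: sh audit.sh ~/.ssh 700        (report only)
#                  sh audit.sh /etc/ssh 755 fix  (report and correct)
if [ "$#" -ge 2 ]; then audit_ssh_dir "$@"; fi
```

Here audit.sh is a hypothetical file name. Files the recipe does not list are left alone, so the script never changes modes on anything else stored in the directory.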


17.13.3 Discussion

File permissions and ownership are fundamental security tools in Linux, so it's important to be careful and make sure to get them right. Again, beware of text editors that create automatic backup copies, and be careful when you delete files. If they sit in the Trash, they can easily be retrieved.

17.13.4 See Also

  • ssh(1), sshd(8)

  • SSH, The Secure Shell: The Definitive Guide



    Linux Cookbook
    ISBN: 0596006403
    EAN: 2147483647
    Year: 2004
    Pages: 434
