From 0fac6a0db5524d6b9824ef205bdd809ad762fd32 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Mon, 23 Jun 2008 19:09:25 -0400 Subject: [PATCH] authorized_keys files appear to need to be readable by the user logging in. --- src/monkeysphere-server | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 11e593b..35e0096 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -231,6 +231,13 @@ case $COMMAND in fi fi + # openssh appears to check the contents of the + # authorized_keys file as the user in question, so the file + # must be readable by that user at least. + # FIXME: is there a better way to do this? + chgrp $(getent passwd "$uname" | cut -f4 -d:) "$AUTHORIZED_KEYS" + chmod g+r "$AUTHORIZED_KEYS" + # move the temp authorized_keys file into place mv -f "$AUTHORIZED_KEYS" "${CACHE}/authorized_keys/${uname}" -- 2.26.2