tyler.durden/Win32-OpenSSH
1
0
Fork 0
mirror of https://github.com/PowerShell/Win32-OpenSSH.git synced 2025-07-29 08:54:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

Updated Security protection of various files in Win32 OpenSSH (markdown)

Manoj Ampalam 2017-05-15 00:07:03 -07:00
parent 74449a36af
commit 31932d744f
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Security-protection-of-various-files-in-Win32-OpenSSH.md

@ -24,6 +24,8 @@ authorized_keys NT SERVICE\sshd:(R)
someotheruser:(R) someotheruser:(R)
``` ```
- Host specific resources on server side - host private keys - Host specific resources on server side - host private keys
In a secure configuration, host private keys should be registered with ssh-agent. See [wiki](https://github.com/PowerShell/Win32-OpenSSH/wiki/Install-Win32-OpenSSH) for details on how to secure host keys.
If the private keys are directly consumed by SSHD, following are enforced:
- Should be owned by "SYSTEM" (or Administrators group) - Should be owned by "SYSTEM" (or Administrators group)
- Should not be accessible to other users or groups (other than Administrators group). - Should not be accessible to other users or groups (other than Administrators group).
- "NT Service/sshd" can only have (R) access. - "NT Service/sshd" can only have (R) access.