tyler.durden/Win32-OpenSSH
1
0
Fork 0
mirror of https://github.com/PowerShell/Win32-OpenSSH.git synced 2025-07-27 07:54:50 +02:00
Code Issues Packages Projects Releases Wiki Activity

Updated Security protection of various files in Win32 OpenSSH (markdown)

Manoj Ampalam 2017-05-25 12:04:41 -07:00
parent a44ecd52ff
commit 87217efacf
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Security-protection-of-various-files-in-Win32-OpenSSH.md

@ -32,6 +32,10 @@ Steps to fix these permissions
PS C:\>icacls .\ssh_host_dsa_key /setowner system PS C:\>icacls .\ssh_host_dsa_key /setowner system
PS C:\>icacls .\ssh_host_dsa_key /remove otheruser PS C:\>icacls .\ssh_host_dsa_key /remove otheruser
``` ```
At this point, you could do the following to replicate these permissions onto other host keys
```
PS C:\>get-acl .\ssh_host_dsa_key | Set-Acl ssh_host*key
```
### authorized_keys ### authorized_keys
authorized_keys is an user associated file that represents a list of authorized public keys that could be used for (key-based) user authentication. Unauthorized access to this file compromises the associated user's account. This file should not be owned by, nor provide access to any other user. Note that sshd service needs **read** access to authorized_keys for public key validation. authorized_keys is an user associated file that represents a list of authorized public keys that could be used for (key-based) user authentication. Unauthorized access to this file compromises the associated user's account. This file should not be owned by, nor provide access to any other user. Note that sshd service needs **read** access to authorized_keys for public key validation.
Following is a misconfigured authorized key because Following is a misconfigured authorized key because