tyler.durden/Win32-OpenSSH
1
0
Fork 0
mirror of https://github.com/PowerShell/Win32-OpenSSH.git synced 2025-07-28 16:34:37 +02:00
Code Issues Packages Projects Releases Wiki Activity

Updated Security protection of various files in Win32 OpenSSH (markdown)

Manoj Ampalam 2017-05-15 00:09:28 -07:00
parent 31932d744f
commit ccb49086be
1 changed files with 1 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Security-protection-of-various-files-in-Win32-OpenSSH.md

@ -23,9 +23,7 @@ authorized_keys NT SERVICE\sshd:(R)
userA:(F)
someotheruser:(R)
```
- Host specific resources on server side - host private keys
In a secure configuration, host private keys should be registered with ssh-agent. See [wiki](https://github.com/PowerShell/Win32-OpenSSH/wiki/Install-Win32-OpenSSH) for details on how to secure host keys.
If the private keys are directly consumed by SSHD, following are enforced:
- Host specific resources on server side - host private keys. In a secure configuration, host private keys should be registered with ssh-agent. See [wiki](https://github.com/PowerShell/Win32-OpenSSH/wiki/Install-Win32-OpenSSH) for details on how to secure host keys. If the private keys are directly consumed by SSHD, following are enforced:
- Should be owned by "SYSTEM" (or Administrators group)
- Should not be accessible to other users or groups (other than Administrators group).
- "NT Service/sshd" can only have (R) access.