openssh's behaviour for an unprotected private key file is inconsistent

Solution Verified - Updated -

Issue

  • we found that you could open a ssh connection with keys if the private key is world readable. The private key isn't stored in home directory.
  • as the user of the key you got a message that the permissions are too open
  • as other user who has read access to the key but is not the owner of the key could open the ssh connection

Environment

  • Red Hat Enterprise Linux (RHEL) 6
  • openssh

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content