From owner-freebsd-questions@FreeBSD.ORG  Tue Jun 23 14:15:17 2009
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 784961065677
	for <freebsd-questions@freebsd.org>;
	Tue, 23 Jun 2009 14:15:17 +0000 (UTC)
	(envelope-from jerrymc@gizmo.acns.msu.edu)
Received: from gizmo.acns.msu.edu (gizmo.acns.msu.edu [35.8.1.43])
	by mx1.freebsd.org (Postfix) with ESMTP id 4154C8FC18
	for <freebsd-questions@freebsd.org>;
	Tue, 23 Jun 2009 14:15:16 +0000 (UTC)
	(envelope-from jerrymc@gizmo.acns.msu.edu)
Received: from gizmo.acns.msu.edu (localhost [127.0.0.1])
	by gizmo.acns.msu.edu (8.13.6/8.13.6) with ESMTP id n5NEC3kj044750;
	Tue, 23 Jun 2009 10:12:03 -0400 (EDT)
	(envelope-from jerrymc@gizmo.acns.msu.edu)
Received: (from jerrymc@localhost)
	by gizmo.acns.msu.edu (8.13.6/8.13.6/Submit) id n5NEC3GB044749;
	Tue, 23 Jun 2009 10:12:03 -0400 (EDT) (envelope-from jerrymc)
Date: Tue, 23 Jun 2009 10:12:03 -0400
From: Jerry McAllister <jerrymc@msu.edu>
To: Daniel Underwood <djuatdelta@gmail.com>
Message-ID: <20090623141202.GB44661@gizmo.acns.msu.edu>
References: <b6c05a470906230706w5154c697uedb41f2164681a0a@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <b6c05a470906230706w5154c697uedb41f2164681a0a@mail.gmail.com>
User-Agent: Mutt/1.4.2.2i
Cc: freebsd-questions@freebsd.org
Subject: Re: ~/.ssh directory permissions
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Jun 2009 14:15:17 -0000

On Tue, Jun 23, 2009 at 10:06:03AM -0400, Daniel Underwood wrote:

> Looking at my ~/.ssh directory, I see the following permissions:
> 
> -rw-r--r--
> 
> Which I understand to be equivalent to 644.
> 
> I read here <http://sial.org/howto/openssh/publickey-auth/> that
> ~/.ssh ought to have permissions 700.
> 
> Which is preferable, and why?

Well, generically, 700 allows you to do anything you want with
the file as owner, but no other id (except root) can touch it in
any way - not even look at it.   I don't really know if it would
hurt to allow others to read it or not, but in the philosophy of
if access is not needed, then don't provide it, I would make it
limited to 700.

I just looked at mine and it is set to 700.

////jerry
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"