|
|
SFTP folder permission issue using secure keys and no passphrase
I have a working sftp connection between an HPUX and a Solaris system
both are Unix. I am scripting a cron and I can get in without getting
prompted with a password request. Obviously i need to keep this
noninteractive. My problem comes up when i try to open permissions
more on the Directory on the target machine. When i do I get the
password prompt. When i return the permssions back the problem goes
away; no prompting for password. The home directory contains the .ssh
subdir with an authorized_keys file.
I need to give the group write permissions on the target machine.
The home directory permissions are: (this works without getting a
password prompt)
drwx r-x r-- (754) (Owner, group, others)
I want to be able to give the group write permissions as follows:
drwx rwx r-- (774)
bottom line: just adding write permissions to the directory for the
"group" causes the undesired password prompt to appear.
anyone know how to get around this? Maybe some file somewhere that
can be configured to allow more open directory permissions?
Thanks,
Steve
|
|
0
|
|
|
|
Reply
|
 Steve
|
10/8/2009 5:20:55 PM |
|
On Oct 8, 1:20=A0pm, Steve Riitano <stevel...@gmail.com> wrote:
> I have a working sftp connection between an HPUX and a Solaris system
> both are Unix. =A0I am scripting a cron and I can get in without getting
> prompted with a password request. =A0Obviously i need to keep this
> noninteractive. =A0My problem comes up when i try to open permissions
> more on the Directory on the target machine. =A0When i do I get the
> password prompt. =A0When i return the permssions back the problem goes
> away; no prompting for password. =A0The home directory contains the .ssh
> subdir with an authorized_keys file.
>
> I need to give the group write permissions on the target machine.
>
> The home directory permissions are: (this works without getting a
> password prompt)
> drwx r-x r-- (754) =A0(Owner, group, others)
>
> I want to be able to give the group write permissions as follows:
> drwx rwx r-- (774)
>
> bottom line: just adding write permissions to the directory for the
> "group" causes the undesired password prompt to appear.
>
> anyone know how to get around this? =A0Maybe some file somewhere that
> can be configured to allow more open directory permissions?
>
> Thanks,
> Steve
Check the settings in the 'sshd_config' file, and check the
permissions of the $HOME/.ssh directory and files when you set those.
$HOME/.ssh should be permissions 700, and the private files within it
should be 600.
Also, why are you using permissions '774'? Why not use '770'? A
directory without read but not execute permissions is... fairly odd.
And better yet, why are you sharing a home directory? Why not have
your users use a shared directory somewhere else?
|
|
|
0
|
|
|
|
Reply
|
Nico
|
10/9/2009 10:34:30 AM
|
|
On Oct 9, 3:34=A0pm, Nico Kadel-Garcia <nka...@gmail.com> wrote:
> On Oct 8, 1:20=A0pm, Steve Riitano <stevel...@gmail.com> wrote:
>
>
>
>
>
> > I have a working sftp connection between an HPUX and a Solaris system
> > both are Unix. =A0I am scripting a cron and I can get in without gettin=
g
> > prompted with a password request. =A0Obviously i need to keep this
> > noninteractive. =A0My problem comes up when i try to open permissions
> > more on the Directory on the target machine. =A0When i do I get the
> > password prompt. =A0When i return the permssions back the problem goes
> > away; no prompting for password. =A0The home directory contains the .ss=
h
> > subdir with an authorized_keys file.
>
> > I need to give the group write permissions on the target machine.
>
> > The home directory permissions are: (this works without getting a
> > password prompt)
> > drwx r-x r-- (754) =A0(Owner, group, others)
>
> > I want to be able to give the group write permissions as follows:
> > drwx rwx r-- (774)
>
> > bottom line: just adding write permissions to the directory for the
> > "group" causes the undesired password prompt to appear.
>
> > anyone know how to get around this? =A0Maybe some file somewhere that
> > can be configured to allow more open directory permissions?
>
> > Thanks,
> > Steve
>
> Check the settings in the 'sshd_config' file, and check the
> permissions of the $HOME/.ssh directory and files when you set those.
> $HOME/.ssh should be permissions 700, and the private files within it
> should be 600.
>
> Also, why are you using permissions '774'? Why not use '770'? A
> directory without read but not execute permissions is... fairly odd.
>
> And better yet, why are you sharing a home directory? Why not have
> your users use a shared directory somewhere else?- Hide quoted text -
>
> - Show quoted text -
Hi Nico / Steve,
I have also stuck with the same problem.
In my case some files will be FTPed by one user (user1) form other
system to my system.
And in my system a process running under some different user(user2)
will process those files and delete them after processing.
These two users user1 & user2 share the same group say group1.
So I need atleast 770 permissions for the home directory.
Have you done it successfully with 770 permission?
Please suggest.
Sandip
|
|
|
0
|
|
|
|
Reply
|
Sandip
|
10/28/2009 1:02:03 PM
|
|
|
2 Replies
512 Views
(page loaded in 0.053 seconds)
|
|
|
|
|
|
|
|
|
Search |
Post Question |
Groups |
Stream |
About |
Register
58 articles. 
0 followers. 