This is an automated email from the ASF dual-hosted git repository.
sbp pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tooling-trusted-releases.git
The following commit(s) were added to refs/heads/main by this push:
new 175660d Fix SSH host key permissions if necessary after creation
175660d is described below
commit 175660d20a1166a27171c9d1dcc861b27e64d87f
Author: Sean B. Palmer <[email protected]>
AuthorDate: Tue Jan 20 18:16:57 2026 +0000
Fix SSH host key permissions if necessary after creation
---
atr/ssh.py | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/atr/ssh.py b/atr/ssh.py
index ead7b80..2b153b3 100644
--- a/atr/ssh.py
+++ b/atr/ssh.py
@@ -21,6 +21,7 @@ import asyncio
import asyncio.subprocess
import datetime
import os
+import stat
import string
import time
from typing import Final, TypeVar
@@ -152,6 +153,10 @@ async def server_start() -> asyncssh.SSHAcceptor:
private_key = asyncssh.generate_private_key("ssh-rsa")
private_key.write_private_key(key_path)
log.info(f"Generated SSH host key at {key_path}")
+ permissions = stat.S_IMODE(os.stat(key_path).st_mode)
+ if permissions != 0o400:
+ os.chmod(key_path, 0o400)
+ log.warning("Set permissions of SSH host key to 0o400")
def process_factory(process: asyncssh.SSHServerProcess) ->
asyncio.Task[None]:
connection = process.get_extra_info("connection")
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
