Package: openssh-client Version: 1:4.1p1-3 Severity: important Setting severity to important because this unexpectedly busted Subversion, though I don't honestly believe it's a *critical* bug.
I just upgraded from sid as of about the time sarge released, and got a blitz of new packages, including the new openssh-client package. Here's a session transcript: 1148 {0} [EMAIL PROTECTED]:~/packages/xorg-x11/svn/trunk/debian$ svn up Bad owner or permissions on /home/branden/.ssh/config svn: Connection closed unexpectedly 1149 {1} [EMAIL PROTECTED]:~/packages/xorg-x11/svn/trunk/debian$ l -l $HOME/.ssh/config -rw-rw-r-- 1 branden branden 125 Jun 26 2004 /home/branden/.ssh/config 1150 {0} [EMAIL PROTECTED]:~/packages/xorg-x11/svn/trunk/debian$ chmod 644 /home/branden/.ssh/config 1151 {0} [EMAIL PROTECTED]:~/packages/xorg-x11/svn/trunk/debian$ svn up At revision 220. I think that check is excessively paranoid. I can think of a few possibilities for resolving this bug: 1) Have the ssh client check to see if usergroups are configured in adduser. Perhaps not a great solution because 1) it's complicated, and 2) this doesn't tell you anything about whether a particular user's account was created with this property or not. 2) Simply tolerate group-writable files if the group name in question is identical to the user name. 3) Alternatively or additionally to 2), ensure that the user is the only member of the group owning the group-writable file. 4) Step this fatal error down to a warning. (I'd find it annoying, though.) 5) As part of the many migrations done to the new openssh world order, walk /home and chmod g-w on all .ssh/config files. Some people might consider this intrusive, though, and it doesn't prevent the creation of new accounts with this problem. 6) Tell everybody in my position "tough cookie" and add a NEWS item advising people that the default umask with usergroups enabled in adduser is just bad news for .ssh/config. In any case: 7) It would be nice if the ssh client would identify itself before spewing that message; e.g.: ssh: bad owner or permissions on /home/branden/.ssh/config -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: powerpc (ppc) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.9-powerpc-smp Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages openssh-client depends on: ii adduser 3.63 Add and remove users and groups ii debconf [debconf-2.0] 1.4.51 Debian configuration management sy ii dpkg 1.13.9 Package maintenance system for Deb ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an ii libedit2 2.9.cvs.20050518-2 BSD editline and history libraries ii libncurses5 5.4-6 Shared libraries for terminal hand ii libssl0.9.7 0.9.7g-1 SSL shared libraries ii zlib1g 1:1.2.2-4 compression library - runtime -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]