Package: ssh Version: 1:3.8.1p1-8 Severity: normal According to ssh-copy-id(1), ssh-copy-id is supposed to fix the permissions of ~, ~/.ssh and ~/.ssh/authorized_keys:
--8<--- It also changes the permissions of the remote user's home, ~/.ssh, and ~/.ssh/authorized_keys to remove group writability (which would other- wise prevent you from logging in, if the remote sshd has StrictModes set in its configuration). --8<--- However all it actually does is creating ~/.ssh and ~/.ssh/authorized_keys with the proper permissions if they do not exist already. It does not care at all about the permissions of the user's home directory. elmar -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i586) Kernel: Linux 2.4.25-grsecurity-1.9.14 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 Versions of packages ssh depends on: ii adduser 3.59 Add and remove users and groups ii debconf 1.4.36 Debian configuration management sy ii dpkg 1.10.23 Package maintenance system for Deb ii libc6 2.3.2.ds1-16 GNU C Library: Shared libraries an ii libpam-modules 0.76-22 Pluggable Authentication Modules f ii libpam-runtime 0.76-22 Runtime support for the PAM librar ii libpam0g 0.76-22 Pluggable Authentication Modules l ii libssl0.9.7 0.9.7d-5 SSL shared libraries ii libwrap0 7.6.dbs-6 Wietse Venema's TCP wrappers libra ii zlib1g 1:1.2.1.2-1 compression library - runtime -- debconf information: ssh/insecure_rshd: ssh/privsep_ask: true * ssh/user_environment_tell: * ssh/forward_warning: ssh/insecure_telnetd: ssh/new_config: true * ssh/use_old_init_script: true * ssh/upgrade_to_openssh: true * ssh/SUID_client: false ssh/protocol2_default: * ssh/privsep_tell: * ssh/ssh2_keys_merged: ssh/ancient_version: ssh/protocol2_only: true ssh/encrypted_host_key_but_no_keygen: * ssh/run_sshd: true
