Public bug reported: Bug present in: Ubuntu 14.04 LTS, cloud-init 0.7.5-0ubuntu1
In ssh_util.py, setup_user_keys, which is called by config.cc_ssh.apply_credentials, changes the permissions of the directory into which the new user's public ssh key is written. This directory is found by parsing /etc/ssh/sshd_config for the value of AuthorizedKeysFile and calling dirname. In our case, the value of AuthorizedKeysFile is /etc/authorized_keys.d/%u.pub. This means that cloud-init chmods /etc/authorized_keys.d to 0700, preventing any user from logging in. My proposed solution is for setup_user_keys to only chmod and chown the directory and pubkey file if the file is contained within the user's home directory. ** Affects: cloud-init (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to cloud-init in Ubuntu. https://bugs.launchpad.net/bugs/1340901 Title: ssh_util.setup_user_keys restricts permission on ssh public keys dir, preventing login To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1340901/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs