Debian has a Debian-specific patch (user-group-modes.patch) that changes
the behavior compared to the upstream version of OpenSSH.

If a user's ssh file or directory has the group write bit set and that
group has no other members besides the user, then sshd now allows the use
of the ssh file or directory.

I've confirmed this behavior in Ubuntu 12.04.

Upstream, the change was not accepted for security reasons and because
other distros may not have per-user groups like Debian.


See also:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314347

https://bugzilla.mindrot.org/show_bug.cgi?id=1060


** Bug watch added: Debian Bug tracker #314347
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314347

** Bug watch added: OpenSSH Portable Bugzilla #1060
   https://bugzilla.mindrot.org/show_bug.cgi?id=1060

** Changed in: openssh (Ubuntu)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/954620

Title:
  SSH StrictModes does not work correctly
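
An added example (not part of the bug comment and not the Debian patch's code): a Python sketch that compares the stock StrictModes rule with the relaxed rule described above, so an admin can see which files pass only because of the per-user-group exception. Group membership is assumed here to mean accounts whose primary group is the file's group plus that group's listed members; the function names and sample rows are constructed for illustration.

```python
import grp, os, pwd, stat

# Constructed sample rows: (name, primary gid) and (gid, supplementary members).
SAMPLE_PASSWD = [("alice", 1000), ("bob", 1001)]
SAMPLE_GROUP = [(1000, []), (1001, []), (50, ["alice", "bob"])]

def group_members(gid, passwd_rows, group_rows):
    """Accounts with `gid` as primary group plus its supplementary members."""
    names = {name for name, pgid in passwd_rows if pgid == gid}
    for g, members in group_rows:
        if g == gid:
            names.update(members)
    return names

def upstream_ok(mode, owner_uid, user_uid):
    """Stock rule: owned by the user or root, no group or other write bit."""
    return owner_uid in (0, user_uid) and (mode & 0o022) == 0

def relaxed_ok(mode, owner_uid, user, user_uid, members):
    """Rule described in the comment: group write is tolerated only when
    the group holds nobody but the user. World write is always refused."""
    if owner_uid not in (0, user_uid) or (mode & stat.S_IWOTH):
        return False
    if mode & stat.S_IWGRP:
        return members == {user}
    return True

def audit(path, user):
    """Evaluate one path for `user` under both rules using the local databases."""
    st = os.stat(path)
    pw = pwd.getpwnam(user)
    passwd_rows = [(p.pw_name, p.pw_gid) for p in pwd.getpwall()]
    group_rows = [(g.gr_gid, g.gr_mem) for g in grp.getgrall()]
    members = group_members(st.st_gid, passwd_rows, group_rows)
    return {
        "upstream": upstream_ok(st.st_mode, st.st_uid, pw.pw_uid),
        "relaxed": relaxed_ok(st.st_mode, st.st_uid, user, pw.pw_uid, members),
        "group_members": sorted(members),
    }
```

A path where `audit()` reports `relaxed` true and `upstream` false is accepted only because of the exception, and would start being rejected if another account joined that group.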
