Actions
Architecture #15094
openauthorized_keys2 could be a security risk
Status:
New
Priority:
N/A
Assignee:
-
Category:
Techniques
Target version:
-
Pull Request:
Effort required:
Name check:
Fix check:
Regression:
Description
In most linux operating systems the openssh daemon will honer another file called authorized_keys2 this is not currently visible to rudder meaning it might serve as a way to bypass rudder policy enforcement of the authorized keys.
grep -r "autho" /etc/ssh/sshd_config- Expect .ssh/authorized_keys2 to be disregarded by default in future.
#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
Would it be possible to allow for the setting AuthorizedKeysFile to be adjusted from rudder or for rudder to manage the authorized_keys2 file?
Thanks!
Updated by Vincent MEMBRÉ over 5 years ago
- Target version changed from 5.0.13 to 5.0.14
Updated by Vincent MEMBRÉ about 5 years ago
- Target version changed from 5.0.14 to 5.0.15
Updated by Vincent MEMBRÉ about 5 years ago
- Target version changed from 5.0.15 to 5.0.16
Updated by Alexis Mousset almost 5 years ago
- Target version changed from 5.0.16 to 5.0.17
Updated by Vincent MEMBRÉ over 4 years ago
- Target version changed from 5.0.17 to 5.0.18
Updated by Benoît PECCATTE over 4 years ago
- Target version changed from 5.0.18 to 6.2.0~beta1
Updated by Vincent MEMBRÉ about 4 years ago
- Target version changed from 6.2.0~beta1 to 6.2.0~rc1
Updated by François ARMAND about 4 years ago
- Target version deleted (
6.2.0~rc1)
Actions