Architecture #15094: authorized_keys2 could be a security risk - Rudder - Issue Tracker

Actions

Copy link

Architecture #15094

open

authorized_keys2 could be a security risk

Added by Matthew Frost over 5 years ago. Updated about 4 years ago.

Status:

New

Priority:

N/A

Assignee:

Category:

Techniques

Target version:

Pull Request:

Effort required:

Name check:

Fix check:

Regression:

Description

In most linux operating systems the openssh daemon will honer another file called authorized_keys2 this is not currently visible to rudder meaning it might serve as a way to bypass rudder policy enforcement of the authorized keys.

grep -r "autho" /etc/ssh/sshd_config

Expect .ssh/authorized_keys2 to be disregarded by default in future.
#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2

Would it be possible to allow for the setting AuthorizedKeysFile to be adjusted from rudder or for rudder to manage the authorized_keys2 file?

Thanks!

History
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Rudder

Custom queries

Architecture #15094

authorized_keys2 could be a security risk

Updated by Alexis Mousset over 5 years ago

Updated by Nicolas CHARLES over 5 years ago

Updated by Vincent MEMBRÉ about 5 years ago

Updated by Vincent MEMBRÉ about 5 years ago

Updated by Vincent MEMBRÉ almost 5 years ago

Updated by Alexis Mousset almost 5 years ago

Updated by Vincent MEMBRÉ over 4 years ago

Updated by Benoît PECCATTE over 4 years ago

Updated by Vincent MEMBRÉ about 4 years ago

Updated by François ARMAND about 4 years ago