<p><br>
On Jun 19, 2012 10:07 AM, "Jayson Vaughn" <<a href="mailto:vaughn.jayson@gmail.com">vaughn.jayson@gmail.com</a>> wrote:<br>
><br>
><br>
> On Jun 19, 2012 8:46 AM, "Neal Becker" <<a href="mailto:ndbecker2@gmail.com">ndbecker2@gmail.com</a>> wrote:<br>
> ><br>
> > Jayson Vaughn wrote:<br>
> ><br>
> > > I'm confused. As long as ~/.ssh is 700 it works for me.<br>
> > > On Jun 19, 2012 8:02 AM, "Neal Becker" <<a href="mailto:ndbecker2@gmail.com">ndbecker2@gmail.com</a>> wrote:<br>
> > ><br>
> > >> It's been true for a long time that fedora sets up home dir as 775.<br>
> > >> But ssh, with default settings, won't allow public keys to work when<br>
> > >> home dir has mode 775.<br>
> > >><br>
> > >> Not only, but the poor new fedora user, who tries to ssh into his fedora<br>
> > >> box, won't see any message indicating what is wrong. Only if he/she can<br>
> > >> be root and read var/log/secure they may learn the reason.<br>
> > >><br>
> > >> This is rediculous. I liked the idea of 775 when it was introduced, since<br>
> > >> it<br>
> > >> did solve an annoyance with the old unix groups. But then we should make<br>
> > >> the<br>
> > >> default fedora install work by setting the sshd config to allow it to<br>
> > >> accept<br>
> > >> this setup.<br>
> > >><br>
> > >> --<br>
> > >> devel mailing list<br>
> > >> <a href="mailto:devel@lists.fedoraproject.org">devel@lists.fedoraproject.org</a><br>
> > >> <a href="https://admin.fedoraproject.org/mailman/listinfo/devel">https://admin.fedoraproject.org/mailman/listinfo/devel</a><br>
> ><br>
> > Are you sure??<br>
> ><br>
> > ls -ld .ssh<br>
> > drwx------. 2 nbecker nbecker 4096 Jun 15 08:25 .ssh<br>
> ><br>
> > ls -ld ~/<br>
> > drwxrwxr-x. 67 nbecker nbecker 4096 Jun 19 06:54 /home/nbecker/<br>
> ><br>
> > Jun 19 09:44:41 nbecker5 sshd[25418]: Authentication refused: bad ownership or<br>
> > modes for directory /home/nbecker<br>
> ><br>
> ><br>
> > --<br>
> > devel mailing list<br>
> > <a href="mailto:devel@lists.fedoraproject.org">devel@lists.fedoraproject.org</a><br>
> > <a href="https://admin.fedoraproject.org/mailman/listinfo/devel">https://admin.fedoraproject.org/mailman/listinfo/devel</a><br>
><br>
> Well, yes it works for me however my home directories are not created with 775 permissions by default. Everytime I use "useradd" the home directory is created as 700 - as it should be.<br>
><br>
> Your home directories are created with permissions 775 by default?</p>
<p>What is your UMASK value in /etc/login.defs? It should be 077, which creates the home directories as 700.</p>