]> git.ipfire.org Git - people/pmueller/ipfire-2.x.git/commitdiff
projects / people / pmueller / ipfire-2.x.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 97c76ea)
OpenSSH: restrict file permissions for sshd_config to 0600
authorPeter Müller <peter.mueller@ipfire.org>
Sun, 30 May 2021 10:33:31 +0000 (12:33 +0200)
committerMichael Tremer <michael.tremer@ipfire.org>
Mon, 31 May 2021 12:41:13 +0000 (12:41 +0000)
This file does not have to be readable by anybody else than the user
running an OpenSSH server. While it does not really contain confidential
information, exposing it to the rest of the world makes no sense either.

This will silence a Lynis warning. :-)

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
lfs/openssh patch | blob | blame | history

diff --git a/lfs/openssh b/lfs/openssh
index 3117e996c95aaded3f112738b87aca623a718a94..ced1a7db97039f5d2c5a9bf7b80fbb922b4f58e9 100644 (file)
--- a/lfs/openssh
+++ b/lfs/openssh
@@ -84,7 +84,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        cd $(DIR_APP) && make install
 
        # install custom OpenSSH server configuration
-       install -v -m 644 $(DIR_SRC)/config/ssh/sshd_config \
+       install -v -m 600 $(DIR_SRC)/config/ssh/sshd_config \
                /etc/ssh/sshd_config
 
        # install custom OpenSSH client configuration
Peter's tree of IPFire 2.x