* [PATCH] OpenSSH: restrict file permissions for sshd_config to 0600
@ 2021-05-30 10:33 Peter Müller
0 siblings, 0 replies; only message in thread
From: Peter Müller @ 2021-05-30 10:33 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 841 bytes --]
This file does not have to be readable by anybody else than the user
running an OpenSSH server. While it does not really contain confidential
information, exposing it to the rest of the world makes no sense either.
This will silence a Lynis warning. :-)
Signed-off-by: Peter Müller <peter.mueller(a)ipfire.org>
---
lfs/openssh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lfs/openssh b/lfs/openssh
index 3117e996c..ced1a7db9 100644
--- a/lfs/openssh
+++ b/lfs/openssh
@@ -84,7 +84,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
cd $(DIR_APP) && make install
# install custom OpenSSH server configuration
- install -v -m 644 $(DIR_SRC)/config/ssh/sshd_config \
+ install -v -m 600 $(DIR_SRC)/config/ssh/sshd_config \
/etc/ssh/sshd_config
# install custom OpenSSH client configuration
--
2.26.2
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2021-05-30 10:33 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-05-30 10:33 [PATCH] OpenSSH: restrict file permissions for sshd_config to 0600 Peter Müller
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox