62 lines
2.7 KiB
Markdown
62 lines
2.7 KiB
Markdown
### Please describe the problem.
|
|
|
|
When pairing two machines with git-annex assistant, the assistant kept asking for the ssh password. Checking the git-annex daemon logs, I saw that ssh was refusing to use the key the assistant had created because it was group readable (see below for the log extract).
|
|
|
|
### What steps will reproduce the problem?
|
|
|
|
The assistant was installed from the ubuntu precise ppa backport on an up-to-date copy of ubuntu precise.
|
|
It was started using "git-annex webapp --listen=XYZ".
|
|
This was done on two machines on the same network.
|
|
Created a repository using the web-app, the same on both machines.
|
|
Did a pair request. This initially worked fine, until it got to the point of using ssh, when it started asking for the password many many times.
|
|
|
|
### What version of git-annex are you using? On what operating system?
|
|
|
|
git-annex version: 5.20140306
|
|
build flags: Assistant Webapp Pairing S3 WebDAV Inotify DBus XMPP Feeds Quvi TDFA CryptoHash
|
|
key/value backends: SHA256E SHA1E SHA512E SHA224E SHA384E SKEIN256E SKEIN512E SHA256 SHA1 SHA512 SHA224 SHA384 SKEIN256 SKEIN512 WORM URL
|
|
remote types: git gcrypt S3 bup directory rsync web webdav tahoe glacier hook external
|
|
local repository version: 5
|
|
supported repository version: 5
|
|
upgrade supported from repository versions: 0 1 2 4
|
|
|
|
Ubuntu 12.04.4 LTS
|
|
|
|
### Please provide any additional information below.
|
|
|
|
[[!format sh """
|
|
# If you can, paste a complete transcript of the problem occurring here.
|
|
# If the problem is with the git-annex assistant, paste in .git/annex/daemon.log
|
|
|
|
(started...) Generating public/private rsa key pair.
|
|
Your identification has been saved in /tmp/git-annex-keygen.0/key.
|
|
Your public key has been saved in /tmp/git-annex-keygen.0/key.pub.
|
|
The key fingerprint is:
|
|
2b:f4:28:35:72:2c:9e:5b:d3:1d:d1:a1:b7:c7:a5:34 ABC@XYZ
|
|
The key's randomart image is:
|
|
+--[ RSA 2048]----+
|
|
| . |
|
|
| o . |
|
|
| o o E .|
|
|
| . o + + |
|
|
| o * S . . + |
|
|
| . B = o . . |
|
|
| + = + . |
|
|
| + o |
|
|
| . |
|
|
+-----------------+
|
|
[2014-03-14 13:35:45 GMT] main: Pairing in progress
|
|
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
|
|
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
|
|
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
|
|
Permissions 0620 for 'ABC/.ssh/git-annex/key.git-annex-XYZ_annex' are too open.
|
|
It is required that your private key files are NOT accessible by others.
|
|
This private key will be ignored.
|
|
bad permissions: ignore key: ABC/.ssh/git-annex/key.git-annex-XYZ_annex
|
|
(merging XYZ_annex/git-annex into git-annex...)
|
|
|
|
# End of transcript or log.
|
|
"""]]
|
|
|
|
> [[Fixed|done]]; the code made sure the file did not have any group or
|
|
> world read bits, but did not clear write bits. --[[Joey]]
|