I wouldn't say screwed, but certainly in danger of being ravished...
Start off with
chmod -R o-wx /etc to stop ordinary users changing files under /etc. Here is the listing for my /etc/ssh directory. Changing yours to something like that should fix the ssh permissions:
Code:
$ ls -l /etc/ssh
total 164
-rw-r--r-- 1 root root 132839 2006-02-07 12:16 moduli
-rw-r--r-- 1 root root 1348 2006-02-18 06:13 ssh_config
-rw------- 1 root root 1192 2006-01-05 09:04 ssh_host_dsa_key
-rw-r--r-- 1 root root 1113 2006-01-05 09:04 ssh_host_dsa_key.pub
-rw------- 1 root root 974 2006-01-05 09:04 ssh_host_key
-rw-r--r-- 1 root root 638 2006-01-05 09:04 ssh_host_key.pub
-rw------- 1 root root 1675 2006-01-05 09:04 ssh_host_rsa_key
-rw-r--r-- 1 root root 393 2006-01-05 09:04 ssh_host_rsa_key.pub
-rw-r--r-- 1 root root 2892 2006-02-18 06:15 sshd_config
Here are my /etc /opt and /var directories:
Code:
$ ls -ld /etc /opt /var
drwxr-xr-x 47 root root 4192 2006-02-18 11:31 /etc/
drwxr-xr-x 5 root root 136 2006-01-18 13:25 /opt/
drwxr-xr-x 17 root root 464 2006-01-15 05:33 /var/
I'drun the following (some of the files may need to be executable by the group so you may still get an occasional error after this):
Code:
find /opt -type d -exec chmod 0755 {} \;
find /opt -type f -exec chmod go+r {} \;
Here are the contents of my /var:
Code:
$ ls -l /var
total 2
drwxr-xr-x 2 root root 72 2006-01-05 05:31 X11R6/
lrwxrwxrwx 1 root root 3 2006-01-09 19:19 adm -> log/
drwxr-xr-x 5 root root 120 2006-02-03 11:23 cache/
drwxr-xr-x 2 root root 48 2006-02-07 12:16 empty/
drwxr-xr-x 12 root root 296 2006-02-18 10:53 lib/
drwxrwxrwt 4 root root 96 2006-02-20 06:21 lock/
drwxr-xr-x 12 root root 1952 2006-02-21 04:40 log/
lrwxrwxrwx 1 root root 10 2006-01-09 19:19 mail -> spool/mail/
drwxr-xr-x 12 root root 288 1993-11-25 12:29 man/
drwxr-xr-x 3 root root 232 2006-02-19 07:15 named/
drwxr-xr-x 9 root root 976 2006-02-21 03:00 run/
lrwxrwxrwx 1 root root 15 2006-01-09 19:19 rwho -> /var/spool/rwho/
drwxr-xr-x 13 root root 328 2004-06-07 14:40 spool/
drwxr-xr-x 3 root root 80 2005-07-25 10:11 state/
drwxrwxrwt 7 root root 232 2006-02-19 20:35 tmp/
drwxr-xr-x 8 root root 208 2005-06-25 23:48 www/
and /var/spool (for mail, others will definitely need tweaking as well):
Code:
$ ls -l /var/spool
total 0
drwx------ 2 daemon daemon 72 2006-01-05 05:31 atjobs/
drwx------ 2 daemon daemon 48 2003-11-24 10:22 atspool/
drwxrwx--- 2 smmsp smmsp 80 2006-02-21 03:00 clientmqueue/
drwxr-x--- 3 root wheel 72 2006-02-21 04:47 cron/
drwx--x--- 3 root sys 216 2006-02-19 20:45 cups/
drwxrwxrwt 2 root mail 144 2006-02-21 05:24 mail/
drwx------ 2 root bin 48 2006-02-21 05:23 mqueue/
drwxr-xr-x 2 root root 48 2005-07-14 15:37 pop/
drwxr-xr-x 2 root root 48 1994-02-13 04:53 rwho/
drwxrwxrwt 2 root root 48 2006-02-19 20:45 samba/
drwxrwxr-x 4 root root 96 2005-06-26 21:55 squirrelmail/
Keep posting the errors you're getting so people here can tackle them as they happen... and good luck!