File Permissions
I am trying to learn how to set up Authentication Keys to log in to my server.
Could someone please explain what the following code does...
Code:
chown -R example_user:example_user .ssh
Rob |
|
Hi there,
Quote:
Code:
chown -R example_user:example_user .ssh
[X] Doc CPU |
Quote:
Care to help me figure out the first line a little quicker? Rob |
Quote:
What happens when someone next time says
Code:
chmod 766 .ssh/authorized_keys
Take some time, read through and understand the information in the links. That way you won't have to ask every time something new shows up. Type into a terminal
Code:
man chown
As for the chown question, the syntax goes like this:
Code:
chown -arguments example_user:example_group file1 file2 files |
Thanks for trying to help.
I'm new to all of this, and will read up on things, but am trying to figure out a tutorial I was reading quicker so I can call my web host and know what I'm talking about when they modify things!
Quote:
When you say "change owner and group of all files" is that a change FROM ____ TO ____? I don't understand what example_user:example_user .ssh means? See where I am confused?
Rob |
Quote:
My confusion is mostly in the first line. And I will read up more, but first I need to understand Line 1. (I get the permissions stuff mostly.) Sincerely, Rob |
Quote:
So it's changing the owner of the .ssh directory (and all subdirectories/files) to example_user, and also changing the group to example_user. The syntax is:
chown -arguments user:group file
Quote:
1 = execute
2 = write
4 = read
Add up the permissions you want, and you get a number between 0-7. The first number is the permission for the file/dir's owner, the second number is for any members of the file/dir's group, the third number is for everyone else. The difference between "6" and "7" is execute permission. Directories require execute permissions to navigate them, files only need execute permissions in order to execute them (programs, scripts, etc.). |
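The octal arithmetic and the chown/chmod calls discussed above, as an added example that is not part of any post in this thread: it decodes a mode into rwx form and checks a throwaway .ssh directory for ownership and group/other write access. It assumes GNU `stat`; the function names are hypothetical.

```bash
#!/bin/sh
# Added example; assumes GNU coreutils `stat`. Function names are hypothetical.

# Decode a 3-digit octal mode into rwx form: 4 = read, 2 = write, 1 = execute.
mode_to_rwx() {
    out=""
    for digit in $(printf '%s' "$1" | sed 's/./& /g'); do
        [ $((digit & 4)) -ne 0 ] && out="${out}r" || out="${out}-"
        [ $((digit & 2)) -ne 0 ] && out="${out}w" || out="${out}-"
        [ $((digit & 1)) -ne 0 ] && out="${out}x" || out="${out}-"
    done
    printf '%s\n' "$out"
}

# Succeed (return 0) when group or others hold the write bit (2).
group_or_other_writable() {
    perms=$(printf '%s' "$1" | tail -c 3)   # owner, group, other digits
    group=$(printf '%s' "$perms" | cut -c2)
    other=$(printf '%s' "$perms" | cut -c3)
    [ $(( (group | other) & 2 )) -ne 0 ]
}

# Print mode and owner of DIR and DIR/authorized_keys. Return 1 if either is
# not owned by EXPECTED_UID or is writable by group/others.
audit_ssh_dir() {
    dir=$1; expected_uid=$2; status=0
    for path in "$dir" "$dir/authorized_keys"; do
        mode=$(stat -c '%a' "$path")
        uid=$(stat -c '%u' "$path")
        printf '%s %s (%s) uid=%s\n' "$path" "$mode" "$(mode_to_rwx "$mode")" "$uid"
        [ "$uid" = "$expected_uid" ] || status=1
        if group_or_other_writable "$mode"; then status=1; fi
    done
    return "$status"
}

# Constructed demo in a throwaway directory, not the real ~/.ssh.
work=$(mktemp -d)
mkdir "$work/.ssh" && : > "$work/.ssh/authorized_keys"
chmod 766 "$work/.ssh/authorized_keys"          # loose mode quoted in the thread
audit_ssh_dir "$work/.ssh" "$(id -u)" || echo "=> too permissive"
chown -R "$(id -u):$(id -g)" "$work/.ssh"       # user:group, recursively
chmod 700 "$work/.ssh"
chmod 600 "$work/.ssh/authorized_keys"
audit_ssh_dir "$work/.ssh" "$(id -u)" && echo "=> owner-only access"
rm -rf "$work"
```

With OpenSSH's default `StrictModes yes`, sshd refuses key authentication when these files are writable by group or others, which is why 700 and 600 are the usual modes here.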
Quote:
Code:
chown -R rob:rob .ssh
Does that mean that "Rob" the user has to be in "Rob" the group for this to work? (Could Rob *not* be in the "Rob" group?) For a single VPS where the only people with access are me and my web host, do I even need to introduce the concept of Groups?
Quote:
And if a File was 600, you could read and write to it, but not run it, right? (So why would you want to do that? When would execution be bad?)
Quote:
Like this is a directory, right?
Code:
~/.ssh/authorized_keys/
And this would be a file, right?
Code:
~/.ssh/authorized_keys
Thanks, Rob |
Quote:
To navigate a directory, it must have an execute and read bit set. Technically, 733 is valid. This will only permit writing to the directory, but the owner can read and write in the directory. Execution is bad when the file that you run contains code you don't want run, e.g. spyware. It is best practice to not have execute bits on pictures, videos, documents, etc. because they have no need to be permitted to execute code. |
Quote:
chown Rob .ssh
chgrp Rob .ssh
To perform the two steps separately, "chown Rob:Rob .ssh" is just a shortcut. |
Quote:
Thanks! Rob |
I would suggest reading the following links to get a nice overview of the linux filesystem
http://www.tldp.org/LDP/intro-linux/...ect_03_01.html
http://en.tldp.org/HOWTO/Unix-and-In...WTO/index.html
A basic idea of linux (I think *nix in general) is that everything is a file. For example, you can view information about your cpu by going to /proc/cpuinfo. More or less, directories are files that reference other files. While this might seem like an odd idea, in practice it becomes a very efficient method of organizing information and giving useful features. For example, you can point output to the black hole of /dev/null, fill a file full of binary 0's from /dev/zero, and gain random information from /dev/random and /dev/urandom (the latter not being "true" random) |