I'm using openSSH in RHEL 4. Just my exercise. But I found something weird about the behavior of the SSH. The circumstances: I have 2 computer: com1 and com2. Each computer has an user account (user1@com1 and user2@com2). I intend to make user1@com1 ssh to user2@com2 without prompting a password, so sharing public key is required.
- Method 1: using This one works perfectly.
- Method 2: then in com2: This one doesn't work until I make one more - Method 3: First steps are exactly those in method 2. Then I change to root account . With the root, I . This one works without having to "chmod"

So, the question is, what makes the differences between the methods ? Why do we need "chmod" to make the thing works ? ( I think the "chmod" here does not relate to permissions at all because I changed to the same permission ! )

PS: Excuse me if my English is so bad .

The root user and normal users usually have a different permissions mask. Can you repeat what you did and make sure you note the owner/group and permissions of those files as you go along?

It's been a while since I've read through the OpenSSH and OpenSSL code, but they do care about permissions. For example, they will not work if a private key file had 'r' permission for anyone other than the owner. I imagine they might also refuse to work if anyone had write permission for the 'known_hosts' file - after all, that would mean someone can create and change your 'known_hosts' file to make themselves a trusted entity (which you probably don't want to happen).

Thank you, Pin. It's exactly the matter. I've checked the permission of the authorized_keys file and it's 660. The umask for user2 is 002. When I change the umask of user2 to 022, the problem is solved. The root@com2 has umask of 022 in the directory, so using root account to make authorized_keys file is acceptable . "chmod 600" is the thing we're taught, but they never told us why.