SFTP and umask and enhanced security (only using shadow passwords)
From: Garsha, Adam (adam.garsha_at_marquette.edu)
Date: 07/25/05
- Previous message: Shaun.Racine_at_intier.com: "SUMMARY: LSM - Cannot reattach plex, subdisk mode is RELOCATE (RLOC)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Mon, 25 Jul 2005 11:59:05 -0500 To: tru64-unix-managers@ornl.gov
After moving to use shadow passwords, our sftp users now end up creating
files with mode -rw------- (600).
When users actually log in via ssh and create files locally, the files
are instead -rw-r--r-- (644); this also used to be true for sftp prior
to using shadow passwords.
In /etc/profile the umask is set to 022. So, my working theory is that
enhanced security changed the default umask from 022 to 077 and that
sftp does not run commands in /etc/profile.
1.) What do you think about this theory.
2.) Do you know a way to force the sshd daemon to make sftp use a
certain umask and/or run /etc/profile?
3.) Do you know a reasonable way to change the default system umask to
022?
Adam Garsha
Systems Engineer
Marquette University IT Services
414-288-3750 (Office)
414-235-0112 (Cell)
adam.garsha@marquette.edu
- Previous message: Shaun.Racine_at_intier.com: "SUMMARY: LSM - Cannot reattach plex, subdisk mode is RELOCATE (RLOC)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
