ssh: deny access to the rest of /etc/ssh/* - firejail - Mirror of https://github.com/netblue30/firejail

diff options

author	Kelvin M. Klann <kmk3.code@protonmail.com>	2021-01-10 14:29:14 -0300
committer	Kelvin M. Klann <kmk3.code@protonmail.com>	2021-01-27 18:18:39 -0300
commit	f8df786908bb9e4c8a5ec6b65e4a7b0b178954e1 (patch)
tree	fc67cd9073f5f3ef7b7ba3944fb1c75e93dcb260 /test
parent	allow-ssh.inc: allow /etc/ssh/ssh_config (diff)
download	firejail-f8df786908bb9e4c8a5ec6b65e4a7b0b178954e1.tar.gz firejail-f8df786908bb9e4c8a5ec6b65e4a7b0b178954e1.tar.zst firejail-f8df786908bb9e4c8a5ec6b65e4a7b0b178954e1.zip

ssh: deny access to the rest of /etc/ssh/*

ssh_config (allowed on allow-ssh.inc) is the only file in /etc/ssh that is used by ssh(1). The other paths are only used by sshd(8), so stop allowing them on ssh.profile and ssh-agent.profile. Path examples from sshd(8): * /etc/ssh/moduli * /etc/ssh/ssh_host_ecdsa_key * /etc/ssh/ssh_host_ecdsa_key.pub * /etc/ssh/ssh_known_hosts * /etc/ssh/sshd_config * /etc/ssh/sshrc $ pacman -Q openssh openssh 8.4p1-2

Diffstat (limited to 'test')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: