SSH known_hosts and config created as executable

csmart / ansible-role-virt-infra

Define and manage guests and networks on a KVM host with Ansible

GNU General Public License v3.0

67 stars 48 forks source link

SSH known_hosts and config created as executable #18

Closed ghost closed 4 years ago

ghost commented 4 years ago

When creating new ~/.ssh/config and ~/.ssh/known_hosts, the files are created with permission 0755.

Permission should be 0600.

$ ls -l
total 32
-rw------- 1 wyntre wyntre  1195 May  4 16:31 authorized_keys
-rwxr-xr-x 1 wyntre wyntre   717 May  5 20:09 config
-rw------- 1 wyntre wyntre  1679 Mar 19 08:46 id_rsa
-rw-r--r-- 1 wyntre wyntre   395 Mar 19 08:46 id_rsa.pub
-rwxr-xr-x 1 wyntre wyntre 15792 May  5 20:09 known_hosts

csmart commented 4 years ago

hey @wyntre thanks for reporting this. As per your pull request, looks like we'll also need this in a couple of spots in host-remove.yaml, too.