ssh_known_hosts readability

[John Ratliff]

The ssh_known_hosts file in the proxmox cluster is stored in the /etc/pve/priv directory, which is not world readable. This means I can't use it with my normal users. Is there a reason why this couldn't be somewhere else in /etc/pve that would be world readable?

Thanks.

 

[Chris]

Hi,
the proxmox cluster filesystem is a database driven fuse mount mounted on /etc/pve https://pve.proxmox.com/pve-docs/pve-admin-guide.html#chapter_pmxcfs
As it not implements all POSIX features, you cannot set the permissions. Users of the group www-data can read most files, this might be an alternative? What exactly do you wish to achieve?

 

[John Ratliff]

I want to login to a server as a non-root user, and be able to ssh into another server in the cluster without it asking whether the key is okay.

 

[Chris]

Well, as the per user ssh known_hosts are stored in the users home folder under .ssh/known_hosts this should work out of the box. You will have to accept the fingerprint only once on the first connection.

 

[John Ratliff]

Yeah, I know I only have to accept the key once, but the /etc/ssh/ssh_known_hosts files should be globally readable so that all users can benefit. Without that, every user needs to verify the signature of every server individually, which is a difficult process. Just accepting the key is a security risk.

I would suggest proxmox change the shared location of the /etc/ssh/ssh_known_hosts link to maybe /etc/pve rather than /etc/pve/priv unless someone can point out some security problem I'm overlooking here.