ssh_known_hosts readability

John Ratliff

Member
Apr 17, 2019
10
3
23
43
The ssh_known_hosts file in the proxmox cluster is stored in the /etc/pve/priv directory, which is not world readable. This means I can't use it with my normal users. Is there a reason why this couldn't be somewhere else in /etc/pve that would be world readable?

Thanks.
 
Hi,
the proxmox cluster filesystem is a database driven fuse mount mounted on /etc/pve https://pve.proxmox.com/pve-docs/pve-admin-guide.html#chapter_pmxcfs
As it not implements all POSIX features, you cannot set the permissions. Users of the group www-data can read most files, this might be an alternative? What exactly do you wish to achieve?
 
I want to login to a server as a non-root user, and be able to ssh into another server in the cluster without it asking whether the key is okay.
 
Well, as the per user ssh known_hosts are stored in the users home folder under .ssh/known_hosts this should work out of the box. You will have to accept the fingerprint only once on the first connection.
 
Yeah, I know I only have to accept the key once, but the /etc/ssh/ssh_known_hosts files should be globally readable so that all users can benefit. Without that, every user needs to verify the signature of every server individually, which is a difficult process. Just accepting the key is a security risk.

I would suggest proxmox change the shared location of the /etc/ssh/ssh_known_hosts link to maybe /etc/pve rather than /etc/pve/priv unless someone can point out some security problem I'm overlooking here.