Sunday, December 21, 2025
dev@conference.yunohost.org
December
Mon Tue Wed Thu Fri Sat Sun
1
 2
 3
 4
 5
 6
 7
8
 9
 10
 11
 12
 13
 14
15
 16
 17
 18
 19
 20
 21
22 23
 24
 25 26 27 28
29 30 31        
             

[12:23:44] <Yunohost Git/Infra notifications> [yunohost] A​xolotle pushed 59 commits to enh-pydantic ([174b3ed910e4...24e316dd13e8](https://github.com/YunoHost/yunohost/compare/174b3ed910e4...24e316dd13e8))
[12:23:50] <Yunohost Git/Infra notifications> [issues] m​4lvin [commented](https://github.com/YunoHost/issues/issues/557#issuecomment-3678749528) on [issue #557](https://github.com/YunoHost/issues/issues/557) Catch-All address: Update: I got it working by putting the additional map as the first entry in virtual_alias_maps but also mentioning al...
[15:07:38] <eric_G> to be reviewed -> https://github.com/YunoHost/appgenerator/pull/13
[15:08:55] <Aleks (he/him/il/lui)> Nov 26, 2024 ? 🙀
[15:11:31] <eric_G> No, but the Go and Node stuff is from ten minutes ago. 😅
[15:12:13] <kayou> > <@ericg:matrix.org> I tried your permissions and I can't still connect with SSH key. (using password for now)

Did you try all of these
```
chmod g-w /home/user

chmod 700 /home/user/.ssh

chmod 600 /home/user/.ssh/authorized_keys
```

[15:12:49] <kayou> You can probably investigate the /var/log/auth.log file
[15:12:54] <eric_G> I stored my `authorized_key` file in `/.ssh` path ...
[15:13:20] <eric_G> let try again
[15:14:42] <eric_G> -> `-rw-------+ 1 eric eric 100 Jun 8 2025 authorized_keys`
[15:16:06] <eric_G> after permissions: `-rwx------+ 1 eric eric 100 Jun 8 2025 authorized_keys`
[15:21:31] <kayou> Do you have anything in logs about ssh?
[15:24:33] <eric_G> ```
2025-12-21T16:18:18.492118+01:00 e----e sshd-session[601740]: Connection from xx.xx.xx.Bises port 50535 on xx.xx.xxx.xxx port 22 rdomain ""
2025-12-21T16:18:18.663107+01:00 e----e sshd-session[601740]: Authentication refused: bad ownership or modes for directory /home/eric
2025-12-21T16:18:18.663203+01:00 e----e sshd-session[601740]: Failed publickey for eric from xx.xx.xx.Bises port 50535 ssh2: ED25519 SHA256:P/NHTxxxxxxx+/xxo9ExxxxxxxxRAj2n3pSm9qs
[15:24:48] <eric_G> `/home/eric` ??
[15:25:59] <Aleks (he/him/il/lui)> yeah ssh is quite pedantic on all the permissions along the entire path to make sure a malicious user on the system, anybody that is not you or root, wouldn't be able to change the keys somehow
[15:26:06] <Aleks (he/him/il/lui)> and linux permissions are full of subtleties....
[15:27:05] <Aleks (he/him/il/lui)> like, if i'm not mistaking, you may have a file `foo/file`, on which you only may have `rwx` permissions, BUT, if somebody else has `w` permission *on the parent folder* they would be able to delete and recreate the file
[15:30:28] <Aleks (he/him/il/lui)> ```shekll
$ namei -l folder/file
f: folder/file
drwxrwxrwx alex alex folder
-rw-rw---- alex alex file

$ sudo su nobody -s /bin/bash
(as nobody) $ rm folder/file
(as nobody) $ touch folder/file

$ namei -l folder/file
f: folder/file
drwxrwxrwx alex alex folder
-rw-r--r-- nobody nogroup file
```
[15:30:34] <Aleks (he/him/il/lui)> ```shell
$ namei -l folder/file
f: folder/file
drwxrwxrwx alex alex folder
-rw-rw---- alex alex file

$ sudo su nobody -s /bin/bash
(as nobody) $ rm folder/file
(as nobody) $ touch folder/file

$ namei -l folder/file
f: folder/file
drwxrwxrwx alex alex folder
-rw-r--r-- nobody nogroup file
```
[19:47:19] <Yunohost Git/Infra notifications> [issues] T​hovi98 edited [issue #2736](https://github.com/YunoHost/issues/issues/2736): Feature request: action queue for installing apps?