1, problem description
Output the following when i.mx6 loads the boot information
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ warning:unprotected PRIVATE KEY FILE! 0755 for '/usr/local/openssh/etc/ssh_host_rsa_key ' /usr/local/openssh/etc//usr/local/openssh/etc/ssh_host_rsa_key
2. Solution
The permissions for the private key file are set to 700, and the permissions for the public key file (. pub file) are 755
3. Reason
When the file system is loaded on NFS, all files in the file system are changed to 777 permissions.
When the private key file is loaded, it is considered illegal if its permission is 777.
This is because: based on the "Public private key" authentication mode for SSH logon situation, will generate a pair of public private key (public key file name is similar to x.pub, the private key file name X)
Then the public key is placed on the server, the private key is reserved, and when SSH is logged in, the SSH program sends the private key to the server to match the public key on the server.
A successful party can log on. Here's a security question, what if the private key file is stolen by someone else? The permission to set the private key file in Linux is 700, so
If the account is not stolen, the private key file can not be accessed to achieve a certain degree of security assurance.
Why cannot the private key file permissions be set to 755