0

For reasons I am too embarrassed to share, I ran this command as root on a remote server:

chmod a+r -R /etc

Once I logged out of the SSH session, I was not able to SSH back in:

$ ssh myusername@<HOST>
Connection closed by <HOST> Port 22

Now, I realize the chmod above was a huge mistake. However, it seems like it should have just added read permissions on everything, not removed any permissions, right? My question: how exactly did this break SSH?

(Also, in case anyone finds this from having made a similar error, I restored /etc default permissions using this answer, but I was very lucky to have an SSH connection still open elsewhere to do so.)

cheryllium
  • 111
  • 3

2 Answers2

1

You changed permissions recursively for everything under /etc. The majority of your software keeps essential files under this directory.

In many cases, changing the permissions of files needed by your software can cause the software not to work as intended.

You probably broke a lot more than ssh. You will probably need to reinstall the operating system since there is not a simple way to undo the damage this command would cause: permissions are not the same for every file under this directory.

Nmath
  • 12,664
1

SSH is picky about key permissions. Private keys shouldn't be readable by anybody except the user, and that includes the host keys for sshd, which bailed when it couldn't find a sufficiently secure host key. An example log from my system, after doing sudo chmod o+r /etc/ssh/*key:

Apr 23 15:59:31 muru sshd[21516]: error: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Apr 23 15:59:31 muru sshd[21516]: error: @         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
Apr 23 15:59:31 muru sshd[21516]: error: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Apr 23 15:59:31 muru sshd[21516]: error: Permissions 0604 for '/etc/ssh/ssh_host_ed25519_key' are too open.
Apr 23 15:59:31 muru sshd[21516]: error: It is required that your private key files are NOT accessible by others.
Apr 23 15:59:31 muru sshd[21516]: error: This private key will be ignored.
Apr 23 15:59:31 muru sshd[21516]: sshd: no hostkeys available -- exiting.
muru
  • 207,228