We are using the PHP module SSH2 to run commands on remote servers. We are authenticating with public keys (ssh2_auth_pubkey_file()), but the problem is we must copy the id_dsa (private) and id_dsa.pub (public) key into the root directory of our web server (lighttpd) and make them chmod 644, otherwise we get “Authentication failed for root using public key in”. This seems like a MAJOR security issue. Is there anyway to keep the permissions on id_dsa chmod 600 and not make it readable by the web server, i.e. owner and group still root:root instead of lighttpd:lighttpd?
Share
How is the webserver supposed to identify itself if it cannot read the private key? It has to be readable to the webserver’s process, but it should also be 0400. Alternatively use suexec or something like that to let the login process be done by some other user.
That said, if there is any way in which the webserver can be commanded to perform some remote admin activity, you’ll have to think carefully about the security implications anyway. No matter how safe you keep the key, if anyway can coax the server into performing a remote action you’re still in trouble.