Skip to content

Fix file access for private key and known hosts#137

Open
danfruehauf wants to merge 1 commit intomasterfrom
safe_private_file_access
Open

Fix file access for private key and known hosts#137
danfruehauf wants to merge 1 commit intomasterfrom
safe_private_file_access

Conversation

@danfruehauf
Copy link
Owner

@danfruehauf danfruehauf commented Dec 20, 2025

Fix files accessed through plugin as root. Identify and fix access to:

  • Private SSH key file (if key authentication is used)
  • known_hosts file

Make use of nm_utils_copy_cert_as_user() where those files are accessed, then use the copy of the file, instead of the actual file

Fixes and addresses #136

Needs to be thoroughly tested.

ihuguet
ihuguet reviewed Dec 22, 2025
View reviewed changes
@danfruehauf danfruehauf force-pushed the safe_private_file_access branch from 43ae2fa to 1c3f929 Compare December 23, 2025 00:17
@danfruehauf
Fix file access for private key and known hosts
9795b64 
Fix files accessed through plugin as root. Identify and fix access to:
 * Private SSH key file (if key authentication is used)
 * known_hosts file

Make use of nm_utils_copy_cert_as_user() where those files are accessed,
then use the copy of the file, instead of the actual file
@danfruehauf danfruehauf force-pushed the safe_private_file_access branch from 1c3f929 to 9795b64 Compare January 10, 2026 02:59
@danfruehauf danfruehauf changed the title WIP: Fix file access for private key and known hosts Fix file access for private key and known hosts Jan 10, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@ihuguet ihuguet ihuguet left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@danfruehauf @ihuguet

Comments