atlas-sw-probe: tweak SSH key permissions

Do not run chown or chgrp for probe key files since the probe scripts are run as root anyway. Do not run chmod 644 for /etc/atlas/probe_key since an SSH private key should not be readable by any user except the owner. Signed-off-by: Michał Kępień <[email protected]>
openwrt · Jul 23, 2024 · 3242e6a · 3242e6a
1 parent 4cec3e0
commit 3242e6a
Showing 1 changed file with 3 additions and 4 deletions.
diff --git a/net/atlas-sw-probe/files/atlas.init b/net/atlas-sw-probe/files/atlas.init
@@ -102,10 +102,9 @@ create_key() {
 	[ -f $PRIV_KEY_FILE ] || ln -s $probe_key $PRIV_KEY_FILE
 	[ -f $PUB_KEY_FILE ] || ln -s $probe_pub_key $PUB_KEY_FILE
 
-	#Fix permission
-	chown atlas $probe_key $probe_pub_key
-	chgrp atlas $probe_key $probe_pub_key
-	chmod 644 $probe_key $probe_pub_key
+	#Fix permissions in case keys were generated using dropbearkey/dropbearconvert
+	chmod 600 $probe_key
+	chmod 644 $probe_pub_key
 
 	print_msg "Key generated successfully. Use the get_key command to show the public key and get instruction on how to register your probe."
 }