From 0e72cbd45114dff22dcd464529ec9918d9ecaf39 Mon Sep 17 00:00:00 2001 From: Felix Fontein Date: Thu, 12 Sep 2019 22:05:01 +0200 Subject: [PATCH] openssh_keypair file permissions/ownership: add porting guide entry (#62176) * Add porting guide entry for 2.9. --- docs/docsite/rst/porting_guides/porting_guide_2.9.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/docsite/rst/porting_guides/porting_guide_2.9.rst b/docs/docsite/rst/porting_guides/porting_guide_2.9.rst index ffa731434c4..6c5ec0abf61 100644 --- a/docs/docsite/rst/porting_guides/porting_guide_2.9.rst +++ b/docs/docsite/rst/porting_guides/porting_guide_2.9.rst @@ -673,6 +673,7 @@ Noteworthy module changes * The deprecated ``force`` option in ``win_firewall_rule`` has been removed. * :ref:`openssl_certificate `'s ``ownca`` provider creates authority key identifiers if not explicitly disabled with ``ownca_create_authority_key_identifier: no``. This is only the case for the ``cryptography`` backend, which is selected by default if the ``cryptography`` library is available. * :ref:`openssl_certificate `'s ``ownca`` and ``selfsigned`` providers create subject key identifiers if not explicitly disabled with ``ownca_create_subject_key_identifier: never_create`` resp. ``selfsigned_create_subject_key_identifier: never_create``. If a subject key identifier is provided by the CSR, it is taken; if not, it is created from the public key. This is only the case for the ``cryptography`` backend, which is selected by default if the ``cryptography`` library is available. +* :ref:`openssh_keypair ` now applies the same file permissions and ownership to both public and private keys (both get the same ``mode``, ``owner``, ``group``, etc.). If you need to change permissions / ownership on one key, use the :ref:`file ` to modify it after it is created. Plugins