Exam XK0-005 topic 1 question 86 discussion

file permissions on .ssh/authorized_keys must be restricted for SSH to accept it -rw-r--r-- the last r here means readable by others it is insecure so ssh ignores it

(A) is most plausibly correct. A typical SELinux label for authorized_keys looks like this: 'unconfined_u:object_r:ssh_home_t:s0'. (B) There is no command, 'ssh_keygen'. (It's 'ssh-keygen'. (C) The file is owned by its user, not root. (D) The file, authorized_keys, works fine in 0600, 0640, and 0644. (But it's true that the best practice is 0600.)

D. chmod 600 .ssh/authorized_keys. It must have 600 permissions to work properly.

D. chmod 600 .ssh/authorized_keys This command sets the file permissions of .ssh/authorized_keys to 600, which means that only the owner (in this case, the user) will have read and write permissions, and no other users will have any permissions. By setting the correct permissions on the authorized_keys file, SSH will be able to use the key for authentication without asking for a password.

"restorecon" is a command in SELinux (Security-Enhanced Linux) that is used to reset the security context of a file to its default SELinux security context. The "restorecon" command can be useful in cases where the SELinux security context of a file has been altered or changed, causing issues with the file's behavior or access. The "restorecon .ssh/authorized_keys" command specifically resets the security context of the "authorized_keys" file in the ".ssh" directory to its default SELinux security context. This can be useful in cases where the SELinux security context of the "authorized_keys" file has been altered, causing issues with SSH authentication.

A does appear to be the correct method to restore the default context of a file