[JENKINS-73305] .ssh directory created with default permissions #1685

@jenkins-infra-bot

#1127 (comment) reveals that the git-client plugin creates the user's ~/.ssh directory with default permissions.

Depending on the umask of the user this can result in insecure permissions of the directory.

This is not a security issue as SSH performs checks of the files it uses and their parent directories and will refuse to utilise a file if it is deemed insecure.

However, creating the directory without restriction is bad, and if any job would attempt to use any of the native `ssh` command line(s) later it could fail due to the incorrect settings.

As there is no valid reason to not apply the recommended restrictions to the folder, the plugin should create the directory appropriately when the file system is one supporting POSIX-based permissions.


Originally reported by teilo, imported from: .ssh directory created with default permissions
  • assignee: markewaite
  • status: In Review
  • priority: Minor
  • component(s): git-client-plugin
  • resolution: Unresolved
  • votes: 0
  • watchers: 2
  • imported: 20251211-071809
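
One way to do what the issue asks, as an added example (not the git-client plugin's code; `SshDirSketch` and `ensureSshDir` are hypothetical names): create the directory with owner-only permissions when the file system supports POSIX permissions, and keep the default behaviour otherwise. Leaving an already existing directory untouched is an assumption of this sketch.

```java
import java.io.IOException;
import java.nio.file.FileAlreadyExistsException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.Set;

// Added illustration: class and method names are hypothetical, not git-client plugin code.
public class SshDirSketch {
    private static final Set<PosixFilePermission> OWNER_ONLY =
            PosixFilePermissions.fromString("rwx------"); // mode 0700

    /** Creates dir if it is missing; on POSIX file systems the new directory gets mode 0700. */
    static Path ensureSshDir(Path dir) throws IOException {
        if (Files.isDirectory(dir)) {
            return dir; // assumption: an existing directory is left as the user configured it
        }
        if (!dir.getFileSystem().supportedFileAttributeViews().contains("posix")) {
            return Files.createDirectories(dir); // no POSIX mode bits (e.g. Windows)
        }
        Path parent = dir.toAbsolutePath().getParent();
        if (parent != null) {
            Files.createDirectories(parent); // parents keep default permissions
        }
        try {
            // Request 0700 at creation so the directory never exists with a wider mode.
            Files.createDirectory(dir, PosixFilePermissions.asFileAttribute(OWNER_ONLY));
            // The umask can only clear bits from the requested mode; set it explicitly
            // so the result is 0700 whatever the umask is.
            Files.setPosixFilePermissions(dir, OWNER_ONLY);
        } catch (FileAlreadyExistsException raced) {
            // Created concurrently: accept it only if it really is a directory.
            if (!Files.isDirectory(dir)) {
                throw raced;
            }
        }
        return dir;
    }

    public static void main(String[] args) throws IOException {
        // Constructed input: a temporary directory stands in for the user's home.
        Path home = Files.createTempDirectory("fake-home");
        Path sshDir = ensureSshDir(home.resolve(".ssh"));
        boolean posix = sshDir.getFileSystem().supportedFileAttributeViews().contains("posix");
        System.out.println(sshDir + " " + (posix
                ? PosixFilePermissions.toString(Files.getPosixFilePermissions(sshDir))
                : "(no POSIX permissions on this file system)"));
    }
}
```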