StrictModes is an sshd option. The daemon only deals with incoming connections. It has no interest in any local user keys.StrictModes checks locally not only the /home/username/.ssh/authorized_keys file, but also any keys stored in this directory.
The ssh client program does not read the daemon configuration file. It do not think it has any similar option to control permission checking even. Private keys should always be private (0600).
The rule, quoting man authorized_keys, is If this file, the ~/.ssh directory, or the user's home directory are writable by other users, then the file could be modified or replaced by unauthorized users. In this case, sshd will not allow it to be used unless the StrictModes option has been set to “no”.Debian as well as OpenSSH don't provide specifics on StrictModes in their respective manpages
You can be as permissive as 0775, if your user is the only member of their group!
Statistics: Posted by jojopi — Wed Aug 27, 2025 1:28 pm