Ubuntu-16.04 [SOLVED]: Secure SSMTP Files

Ubuntu-16.04 [SOLVED]: Secure SSMTP Files

Home Forums Ubuntu 16.04 Ubuntu-16.04 [SOLVED]: Secure SSMTP Files

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
  • #36994



    I’ve set up SSMTP as my server’s mailing agent. I noticed that I had to insert my server mail host information and my password is viewable in plain text. Is there an effective way to secure that file so the server still works but no one except me can see it?



    Accepted AnswerAnswer

    If you installed ssmtp using sudo apt install ssmtp this is already the case. The configuration is in /etc/ssmtp/, which is not accessible for normal users:

    [~]$ cd /etc/ssmtp/
    -bash: cd: /etc/ssmtp/: Permission denied
    [~]$ sudo ls -la /etc/ssmtp/
    total 24
    drwxr-x---   2 root mail  4096 Dec 31 18:53 .
    drwxr-xr-x 159 root root 12288 Dec 31 18:53 ..
    -rw-r-----   1 root mail   200 Apr 13  2016 revaliases
    -rw-r-----   1 root mail   589 Dec 31 18:53 ssmtp.conf

    The configuration files are owned by root and group of mail, which means that users that are member of the group mail can read them. No normal users should be member of mail, but the user running ssmtpd should be a member of this group.

    So by default the files is accessible only to root and the user running the piece of software.

    Source: https://askubuntu.com/questions/991086/secure-ssmtp-files
    Author: vidarlo
    Creative Commons License
    This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.