Permissions on key.token should be restricted
bradrf opened this issue · comments
Brad Robel-Forrest commented
When using set-auth
, the key is stored with permissions to be read by the world:
❯ ls -al ~/.tunnelto/key.token
.rw-rw-r-- brad brad 22 B Wed Aug 17 08:43:14 2022 /home/brad/.tunnelto/key.token
Instead, these should be set to 0600
or similar.