Add ownership fix

README.md

@@ -4,8 +4,9 @@ The best practice configuration for the personal .ssh directory is to restrict a
 This PowerShell script automatically repairs the permissions of the .ssh directory and files. It does the following for all items within and including the given .ssh directory:
 
 * Disables inheritance
+* Sets owenership to one user
 * Removes all permissions
-* Grants one user full access
+* Grants one user full control
 
 ## Installation
 Download and unpack the [latest release](https://github.com/countzero/repair_ssh_permissions/releases/latest) to your machine.

repair_ssh_permissions.ps1

@@ -54,6 +54,19 @@ function Disable-Inheritance([String] $item) {
     Set-Acl -Path $item -AclObject $acl
 }
 
+function Set-UserOwnership([String] $item) {
+
+    Write-Host "Let '$user' own '${item}'..." -ForegroundColor "DarkYellow"
+
+    $acl = Get-Acl -Path $item
+
+    $userAccount = New-Object System.Security.Principal.NTAccount($user)
+
+    $acl.SetOwner($userAccount)
+
+    Set-Acl -Path $item -AclObject $acl
+}
+
 function Remove-AllAccessPermissions([String] $item) {
 
     Write-Host "Removing all access permissions on '${item}'..." -ForegroundColor "DarkYellow"
@@ -84,7 +97,6 @@ function Grant-UserFullControl([String] $item) {
     Set-Acl -Path $item -AclObject $acl
 }
 
-
 Write-Host "Fixing directory and file permissions of '${path}'..." -ForegroundColor "Yellow"
 
 # We are repairing the .ssh directory and everything within it.
@@ -93,6 +105,7 @@ $items = @($path) + @($(Get-ChildItem -Path $path -Force -Recurse).FullName)
 foreach ($item in $items) {
 
     Disable-Inheritance -item $item
+    Set-UserOwnership -item $item
     Remove-AllAccessPermissions -item $item
     Grant-UserFullControl -item $item
 }