diff --git a/permissions b/permissions
index e1720f8..4186b0e 100644
--- a/permissions
+++ b/permissions
@@ -150,10 +150,14 @@
 # utempter
 /usr/sbin/utempter                                      root:tty          2755
 
-# changing the global ssh client configuration makes it unreadable
-# and therefore useless. Keep in mind that users can bring their own client!
+# ensure correct permissions on ssh files to avoid sshd refusing
+# logins (bnc#398250)
 /etc/ssh/ssh_host_key                                   root:root          600
 /etc/ssh/ssh_host_key.pub                               root:root          644
+/etc/ssh/ssh_host_dsa_key                               root:root          600
+/etc/ssh/ssh_host_dsa_key.pub                           root:root          644
+/etc/ssh/ssh_host_rsa_key                               root:root          600
+/etc/ssh/ssh_host_rsa_key.pub                           root:root          644
 /etc/ssh/ssh_config                                     root:root          644
 /etc/ssh/sshd_config                                    root:root          640
 
diff --git a/permissions.changes b/permissions.changes
index 6edc3d2..d84e36c 100644
--- a/permissions.changes
+++ b/permissions.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Tue Jul 15 11:40:22 CEST 2008 - lnussel@suse.de
+
+- ensure correct permissions on ssh files to avoid sshd refusing
+  logins (bnc#398250)
+
 -------------------------------------------------------------------
 Thu Jul  3 11:33:29 CEST 2008 - lnussel@suse.de
 
diff --git a/permissions.spec b/permissions.spec
index 411d559..ec45161 100644
--- a/permissions.spec
+++ b/permissions.spec
@@ -1,5 +1,5 @@
 #
-# spec file for package permissions (Version 2008.7.8)
+# spec file for package permissions (Version 2008.7.15)
 #
 # Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
 # This file and all modifications and additions to the pristine
@@ -15,7 +15,7 @@ Name:           permissions
 License:        GPL v2 or later
 Group:          Productivity/Security
 AutoReqProv:    on
-Version:        2008.7.8
+Version:        2008.7.15
 Release:        1
 Provides:       aaa_base:/etc/permissions
 Requires:       /sbin/SuSEconfig
@@ -84,6 +84,9 @@ install -m 644 %{SOURCE9} $RPM_BUILD_ROOT/etc
 /var/adm/fillup-templates/sysconfig.security
 
 %changelog
+* Tue Jul 15 2008 lnussel@suse.de
+- ensure correct permissions on ssh files to avoid sshd refusing
+  logins (bnc#398250)
 * Thu Jul 03 2008 lnussel@suse.de
 - adapt permissions of lppasswd for current cups setup (bnc#406058)
 * Mon Jun 02 2008 lnussel@suse.de