[Bug 1947] Log authorized_keys format issues and refuse to accept keys
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Sun Dec 4 05:12:02 EST 2011
https://bugzilla.mindrot.org/show_bug.cgi?id=1947
--- Comment #2 from Dr. David Alan Gilbert <dave at treblig.org> 2011-12-04 05:12:02 EST ---
I agree it's a trade off, but I think I'd like to have the choice to
have a machine set up to be paranoid and make it fail with a bad line;
either to fail on any problem or something like requiring every line to
explicitly state anything that's allowed.
I also think there may be intermediates of paranoid and permissive -
e.g.
maybe if you see a command="..." with no key then you could ignore the
next key. It would take some thinking about though.
Dave
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list