authorized_keys2 directory idea

Markus Friedl markus.friedl at informatik.uni-erlangen.de
Sat Jun 9 22:27:39 EST 2001


On Fri, Jun 08, 2001 at 05:36:12PM -0400, James Ralston wrote:
> My $0.02: I'd like to see this feature.
> 
> I'm not really concerned with the authorized_keys{,2} entries.  Where
> I think the feature would be a win is with known_hosts{,2}.  My
> known_hosts file currently has 50+ entries, and it's a royal PITA to
> maintain them.

no. i don't think so.

for known_hosts you have to scan your net and build
a single file of trusted hosts that can be distributed
to all client machines.

you have to check this file for key changes.
checking for new files is much harder than
	$ diff a b



More information about the openssh-unix-dev mailing list