User-Dependent Identity File
Markus Friedl
markus at openbsd.org
Wed Jan 16 05:08:55 EST 2002
On Tue, Jan 15, 2002 at 06:00:50PM -0000, John Bowman wrote:
> > Date: Tue, 15 Jan 2002 17:29:44 +0100
> > From: Markus Friedl <markus at openbsd.org>
> > Cc: openssh at openbsd.org
> > Content-Type: text/plain; charset=us-ascii
> > Content-Disposition: inline
> > User-Agent: Mutt/1.3.25i
> >
> > On Tue, Jan 15, 2002 at 03:46:15PM -0000, John Bowman wrote:
> > > Can you implement the same code for IdentityFile? On clusters, one wants to
> > > make /ssh a local (non-NFS) file system and use a syntax like this in the
> > > system wide ssh_config file:
> > >
> > > IdentityFile /ssh/%u/id_rsa
> >
> > That's unlikely.
> >
> Oh? It is a serious security hole on many systems running openssh, so I'm
really? even if it's on unprotected NFS, id_rsa is still encrypted.
> suprised it does not interest you.
define interest.
> (ssh has a %U facilty for exactly this
> reason, as I reported to you in my message last May).
well, so i missed this part.
> If I have time, I will implement it myself and submit a patch to the list.
-m
More information about the openssh-unix-dev
mailing list