Logging of comments on keys
Rob Hagopian
robopenssh at hagopian.net
Wed Feb 12 08:46:23 EST 2003
If the authorized_keys file is owned by root (a common situation for some
shared accounts we use) then users changing comments isn't an problem and
logging the comment would be useful?
-Rob
On Sun, 9 Feb 2003, Ben Lindstrom wrote:
>
>
> On 9 Feb 2003, Axel Dunkel wrote:
>
> > On 9 Feb 2003 at 21:00, Tim McGarry wrote:
> >
> > > This may seem convenient, but it's open to abuse as anyone can put any
> > > comment they like on the key they use
> >
> > Right, of course, but that's not a problem? Hm, so maybe you'd
> > suggest it would be best to log the filename of the
> > authorized_keys[2] file together with the linenumber and the comment
> > to get it less missusable? Sounds reasonable.
> >
>
> It is only as useful until someone changes their comments field. BTW,
> This has been discussed before and has been turned down number of times.
>
> - Ben
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>
More information about the openssh-unix-dev
mailing list