Openssh + AFS
Jefferson.Ogata at noaa.gov
Thu May 29 03:38:21 EST 2008
On 2008-05-28 08:51, Rainer Laatsch wrote:
> The user cannot create that by himself.
That's one of the benefits.
> Should the admin manually fulfill
> requests if there are > 50000 users? (Current count: 50090)
If the admin trusts the users to manage their own authenticators, he can
pre-create the authorized keys file for each user. Just touch an empty
file and chown it to the user; keep the directory 755.
Top posting is a sign of fuzzy thinking.
> On Tue, 27 May 2008, Jefferson Ogata wrote:
>> The authorized_keys file doesn't have to reside in the user's home
>> directory. In many cases it is preferable if it is not. See the
>> AuthorizedKeysFile directive. I often use something like:
>> AuthorizedKeysFile /etc/ssh/keys/%u
Jefferson Ogata <Jefferson.Ogata at noaa.gov>
NOAA Computer Incident Response Team (N-CIRT) <ncirt at noaa.gov>
"Never try to retrieve anything from a bear."--National Park Service
More information about the openssh-unix-dev