Openssh + AFS

Jefferson Ogata Jefferson.Ogata at
Thu May 29 03:38:21 EST 2008

On 2008-05-28 08:51, Rainer Laatsch wrote:
> The user cannot create that by himself.

That's one of the benefits.

> Should the admin manually fulfill
> requests if there are > 50000 users? (Current count: 50090)

If the admin trusts the users to manage their own authenticators, he can 
pre-create the authorized keys file for each user. Just touch an empty 
file and chown it to the user; keep the directory 755.

Top posting is a sign of fuzzy thinking.

> On Tue, 27 May 2008, Jefferson Ogata wrote:
>> The authorized_keys file doesn't have to reside in the user's home
>> directory. In many cases it is preferable if it is not. See the
>> AuthorizedKeysFile directive. I often use something like:
>> AuthorizedKeysFile /etc/ssh/keys/%u

Jefferson Ogata <Jefferson.Ogata at>
NOAA Computer Incident Response Team (N-CIRT) <ncirt at>
"Never try to retrieve anything from a bear."--National Park Service

More information about the openssh-unix-dev mailing list