Retrieving authorized_keys via remote script
Peter Stuge
peter at stuge.se
Tue Dec 20 17:09:14 EST 2011
Michael J. Flickinger wrote:
>>> a clean and safe way to extend the authorized_keys functionality.
>>
>> How safe it is depends on what you execute I guess.
>
> You cannot really baby-sit the user though, they can already do
> unsafe things...
It's not about the user, but about root who runs sshd, and suddenly
requires even more clue in order to run a tight ship.
I completely understand being conservative with adding hooks and
"plugins" in sshd.
//Peter
More information about the openssh-unix-dev
mailing list