backdoor by authorized_keys2 leftovers
Jameson Graef Rollins
jrollins at finestructure.net
Wed May 11 16:23:30 EST 2011
On Tue, 10 May 2011 23:01:14 -0700, Dan Kaminsky <dan at doxpara.com> wrote:
> I'd document, rather than remove. I think all my systems use
> authorized_keys2. You will end up locking users and admins out.
I definitely agree with this sentiment.
I also think that being able to specify multiple authorized_keys files
is very useful, so I would prefer to just see this as a documented
feature.
jamie.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20110510/0091acbd/attachment.bin>
More information about the openssh-unix-dev
mailing list