backdoor by authorized_keys2 leftovers

Damien Miller djm at
Wed May 11 18:44:59 EST 2011

On Tue, 10 May 2011, Dan Kaminsky wrote:

> >> Maybe it's time to drop the old stuff not to get haunted by such
> >> leftovers again.
> > 
> > Good point - I just committed a change to remove it for openssh-5.9
> > 
> I'd document, rather than remove. I think all my systems use
> authorized_keys2.  You will end up locking users and admins out. 

We'll document the removal :) Really, there is no reason to have two
files that do exactly the same thing.


More information about the openssh-unix-dev mailing list