backdoor by authorized_keys2 leftovers

Iain Morgan imorgan at
Thu May 12 02:50:08 EST 2011

On Wed, May 11, 2011 at 06:48:38 -0500, Damien Miller wrote:
> On Tue, 10 May 2011, Jameson Graef Rollins wrote:
> > On Tue, 10 May 2011 23:01:14 -0700, Dan Kaminsky <dan at> wrote:
> > > I'd document, rather than remove. I think all my systems use
> > > authorized_keys2.  You will end up locking users and admins out.
> > 
> > I definitely agree with this sentiment.
> > 
> > I also think that being able to specify multiple authorized_keys files
> > is very useful, so I would prefer to just see this as a documented
> > feature.
> Perhaps we should make options.authorized_keys_file an array to let
> people who want to use multiple files do so.
> -d

I was going to suggest something similar, but you beat me to it. :-)

One scenario that could potentially be useful in a cluster environment
would be to allow per-host authorized_keys files. Support for the
following syntax might be useful:

AuthorizedKeysFile %h/.ssh/authorized_keys.%H,%h/.ssh/authorized_keys

where '%H' would be expanded as the server's hostname. (I don't
particulary like '%H', but '%h' is already used.)

This would allow clusters which use a shared home filesystem to have
authorized_keys files which are tailored for a specific host and the
capability to fall back to a more generic file in the absence of a
host-specific one.

By the way, I applaud getting rid of the old cruft.

Iain Morgan

More information about the openssh-unix-dev mailing list