backdoor by authorized_keys2 leftovers
Iain Morgan
imorgan at nas.nasa.gov
Thu May 12 02:50:08 EST 2011
On Wed, May 11, 2011 at 06:48:38 -0500, Damien Miller wrote:
> On Tue, 10 May 2011, Jameson Graef Rollins wrote:
>
> > On Tue, 10 May 2011 23:01:14 -0700, Dan Kaminsky <dan at doxpara.com> wrote:
> > > I'd document, rather than remove. I think all my systems use
> > > authorized_keys2. You will end up locking users and admins out.
> >
> > I definitely agree with this sentiment.
> >
> > I also think that being able to specify multiple authorized_keys files
> > is very useful, so I would prefer to just see this as a documented
> > feature.
>
> Perhaps we should make options.authorized_keys_file an array to let
> people who want to use multiple files do so.
>
> -d
>
I was going to suggest something similar, but you beat me to it. :-)
One scenario that could potentially be useful in a cluster environment
would be to allow per-host authorized_keys files. Support for the
following syntax might be useful:
AuthorizedKeysFile %h/.ssh/authorized_keys.%H,%h/.ssh/authorized_keys
where '%H' would be expanded as the server's hostname. (I don't
particulary like '%H', but '%h' is already used.)
This would allow clusters which use a shared home filesystem to have
authorized_keys files which are tailored for a specific host and the
capability to fall back to a more generic file in the absence of a
host-specific one.
By the way, I applaud getting rid of the old cruft.
--
Iain Morgan
More information about the openssh-unix-dev
mailing list