Patch to discourage unencrypted key generation
Iain Morgan
imorgan at nas.nasa.gov
Fri May 31 03:32:22 EST 2013
On Thu, May 30, 2013 at 12:15:46 -0500, John Hawkinson wrote:
> Iain Morgan <imorgan at nas.nasa.gov> wrote on Thu, 30 May 2013
> at 10:13:09 -0700 in <20130530171308.GB540 at linux124.nas.nasa.gov>:
>
> > - When run as non-root and using an empty password, print a
> > warning message and give a simple yes/no prompt to determine
> > whether or not to continue.
>
> Why is the user (root or not) of ssh-keygen relevant here?
>
> --jhawk at mit.edu
> John Hawkinson
Host keys are generated as root and usually in a non-interactive manner.
Presenting a warning message in this context would just create noise and
prompting for confirmation would obviously be a problem.
I suppose an alternative would be to test if stdin ia a tty.
--
Iain Morgan
More information about the openssh-unix-dev
mailing list