openssh keys in ldap
Doug E Manton
douglas.manton at uk.ibm.com
Tue Jul 17 06:32:49 EST 2001
> we assume the ldap server is secure,
If you manage the LDAP server, then you can assume it is secure. Are you
willing to hand your private keys to a server you don't control? Maybe I
am just paranoid, but in my line of work... ;-)
My private key stays on a machine which I control and it never traverses
the network, encrypted or not. I generated it, I protect it and so I
trust it. We should educate our users to treat their private keys with
the same respect.
Simple, clear rules are most likely to be followed.
--------------------------------------------------------
Doug Manton, AT&T EMEA Commercial Security Solutions
E: demanton at att.com
--------------------------------------------------------
"If privacy is outlawed, only outlaws will have privacy"
More information about the openssh-unix-dev
mailing list