On Sep 4 06:59, Nico Kadel-Garcia wrote: > On Thu, Sep 4, 2014 at 6:11 AM, shawn wilson <ag4ve.us@xxxxxxxxx> wrote: > > This got me thinking, shouldn't this go through PAM so that password > > strength restrictions can be set as well? Obviously most ssh keys are > > created locally. But, if this were implemented, I think most distros > > would adopt the same strength criteria on this as they do with passwd > > and the like. > > That... sounds wildly off-topic from the original note, and extremely > fragile. You'd have to route the existing 'ssh-keygen' tool, which is > an entirely local, well contained, and very stable tool, through PAM, > which is in itself a maintenance and configuration nightmare. ...or doesn't even exist on the target system. -- Corinna Vinschen Cygwin Maintainer Red Hat
Attachment:
pgptQxI3D5iYZ.pgp
Description: PGP signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev