the determined sysadmin can just copy the keys where they want them to be and run chmod. problem solved. no need for a new client side config option, which carries a non-zero cost of ongoing maintenance. Cheers, peter On Mon, Oct 22, 2018 at 2:20 PM Charlie Smurthwaite <charlie@atech.media> wrote: > > I'm new here, but I feel like chiming in, I hope my opinions are > welcome. At first glance at this thread it seems unnecessary to argue > about the necessity of these checks when when the option exists to give > users the choice. > > Adding configuration option(s) for users who wish to bypass these checks > could allow experienced users to do what they need to, and less > experienced users could still benefit form the protection by default. > > Generally, giving users the choice should not be controversial, but I > will note that there is the mild fear of a user googling the error and > finding misguided advice to simply disable the check. > > Charlie > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev@xxxxxxxxxxx > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev