On 10/22/2018 11:55 PM, Blumenthal, Uri - 0553 - MITLL wrote: > Not so fast. If a home directory is on an NFS or AFS filesystem, where would > that "determined sysadmin" copy the keys to? If there's not only a shared $HOME between two userids but also remote mounts, you have THREE security contexts to keep track of: localuser@centralhost, networkuser@centralhost and networkuser@whereverelsetheHOMEismountedto. Since all *other* machines would need to be expected to use the standard $HOME/.ssh to find stuff in, I would give serious thoughts to compiling OpenSSH on centralhost to default to $HOME/.ssh-%u or somesuch instead. It takes but *one* user who'ld like to keep his configs *separate* to make the point of such a setup. > Not to mention the question of what business that "determined sysadmin" has > touching my keys? Oh, I *would* prefer not to. And then I look at how many of our users actually stick to established security procedures ("I've put your [security relevant data including personal keypair] *there*, please *delete* it off that server once you've downloaded it") and ... Regards, -- Jochen Bern Systemingenieur www.binect.de www.facebook.de/binect
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev