On Thu, Jul 12, 2007 at 10:32:28AM -0700, Andrew Sackville-West wrote: > > genuine question here: why would anyone do that when they could use > proper groups and proper permissions to allow the right users access > to the right stuff? What happens if one of the several users with the > ssh keys dropped in the same account is somehow compromised? THat > means the whole account is compromised and *everyone else* who has > their key dropped in there is compromised: what are the implications > of that? And then the admin has to figure who is > compromised and restructure the whole thing instead of just deleting > the one problem user. > > A
That is not correct. Only the public part of the key is compromised, which gets you precisely nothing. Now, if the *private* part of the key were compromised (along with its passphrase), then you have a legitimate concern. Regards, -Roberto -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com
signature.asc
Description: Digital signature
