Marc Haber <[email protected]> writes: > On Mon, Jul 02, 2012 at 09:50:37AM -0700, Russ Allbery wrote:
>> I'm not sure that I understand the use case. I've never needed to >> create an authorized_keys file for a system account created by a >> package. Maybe you could explain more about what you're doing that >> makes this a reasonable thing to do? > The package has a collector and a presenter component and uses > rsync-over-ssh to transfer collected data to the presenter. Ah, okay. For that use case, the only thing that you would care about the user home directory containing is the authorized_keys file, correct? In this case, you could either put the home directory in /etc, or put the home directory in /var/lib with a symlink from .ssh/authorized_keys to /etc. I would tend to do the latter since you can then use more reasonable file names in /etc, such as /etc/<package>/authorized_keys. I confirmed that sshd is perfectly happy with a /var/lib/<package> directory with an .ssh subdirectory owned by root and a root-owned symlink from authorized_keys to a file /etc. I would pre-create the file in /etc with a comment saying what it's for. -- Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
