True. I am not allowing anonymous access or anything, I just have a handle full of developers in my group...all people I know personally. They can easily give me their public key and I have to manually put it into the authorized_keys2 file. I suppose if their private keys were compromised I could have an issue. How would you suggest controlling access to CVSROOT?
Thanks, tg ----- Original Message ----- From: "Geoff Beier" <[EMAIL PROTECTED]> To: "Tim Grotenhuis" <[EMAIL PROTECTED]> Cc: "CVS-II Discussion Mailing List" <[EMAIL PROTECTED]> Sent: Tuesday, May 04, 2004 5:08 PM Subject: Re: need to force username of cvs 'action' when using shared SSHaccount > > On May 4, 2004, at 3:46 PM, Tim Grotenhuis wrote: > > > b. through the SSH command="" you can limit users to one command based > > on > > the key they are authenticating with. > > > Or any command they can convince the program specified in command= to > execute. If you go down this path, be very careful with how you control > access to CVSROOT :-) > > Regards, > > Geoff > > > > _______________________________________________ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
