Sylvain Beucler <[EMAIL PROTECTED]> tapota : > On Thu, Jan 06, 2005 at 10:26:41AM +0100, Mathieu Roy wrote: >> >> Do you add a prefix specifically disallow port-forwarding? >> > >> > That what was setup at Savannah, yes. >> > But I guess we'll do it somehow else now. >> >> Out of curiosity, which prefix do that? > > As far as I understand > no-pty -> forbid ssh -t client option > *-forwarding -> same as in sshd_config > > All in all, not very useful. > >> > So to sum up, >> > >> > - checking the key format is unnecessary and the code can be removed. >> > >> > - adding prefixes to authorized_keys is not a good design, one should >> > rather run another ssh daemon for privileged users, and the code can >> > be removed. >> >> I think so, yes. >> >> Regards, and thanks for your patient work :) > > Prefix stuff removed. Backend ran and does not recreate identical > authorized_keys; the bug recreating nferrier's key was from the branch > code and fixed back. > > I guess we're ready for the merge now.
I'll do a last test tomorrow morning and I'll do it (I usually make directly a backup of the tree, just in case). Regards, -- Mathieu Roy +---------------------------------------------------------------------+ | General Homepage: http://yeupou.coleumes.org/ | | Computing Homepage: http://alberich.coleumes.org/ | | Not a native english speaker: | | http://stock.coleumes.org/doc.php?i=/misc-files/flawed-english | +---------------------------------------------------------------------+ _______________________________________________ Savane-dev mailing list [email protected] https://mail.gna.org/listinfo/savane-dev
