Sylvain Beucler <[EMAIL PROTECTED]> wrote:
> Hello,
>
> James E. Blair, the FSF system administrator, insists on sanitizing the
> authorized_keys files.
>
> Put it another way, we would check that what the user enters in the
> SSH keys fields matches the OpenSSH format for protocol
> version 1 and 2. Or only version 2 if we don't need to support version
> 1. Note that we don't support all versions of SSH anyway; I saw that
> apparently the 'ssh2' (proprietary) package from Debian uses another
> format that looks more like a GPG key (header and multiple lines).
>
> There are not many versions of the authorized_keys format, so the
> maintenance would not be tedious. As far as improvements are
> concerned, we gain a little bit in security (i.e. if authorized_keys
> were exploited one day), and we could tell the user when his key is not
> valid straight away.
>
> So, independently of James' point of view, I think this feature is worth
> adding. What do you think?

- I think that if someone is willing to implement it, it must be done in the *frontend* first. Having the backend trying to insert keys every 4 hours, without the user even knowing exactly what is going on, is not fine. The point is that we should avoid at any cost making the backend deal with mistakes of the frontend.

- I think it must be configurable. In other words, there should be a configuration option, off by default, that permits activating these checks and selecting which ones (value like "0" or "rsa1" or "rsa1,rsa,dsa"). The comment that comes along with the configuration option should not lead people who install Savane to think that this is the right way to restrict access to their ssh server (i.e. they should be made aware of sshd_config options like "Protocol").

I'm still not convinced that this feature makes a difference security-wise (but that does not matter since I'm not the one spending time on it), but I agree it can, if implemented in the frontend, improve user experience by telling him if his key is invalid -- and this would be good.
--
Mathieu Roy

General Homepage: http://yeupou.coleumes.org/
Computing Homepage: http://alberich.coleumes.org/
Not a native english speaker: http://stock.coleumes.org/doc.php?i=/misc-files/flawed-english

_______________________________________________
Savane-dev mailing list
[email protected]
https://mail.gna.org/listinfo/savane-dev
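
An added example, not part of the original message and not Savane code: a frontend-side check, in Python, of one pasted key against the OpenSSH public key line formats for protocol 1 and 2, with the enabled types given as a comma-separated string like the "rsa1,rsa,dsa" value suggested in the thread. The function name, the mapping to `ssh-rsa`/`ssh-dss`, the default and the error texts are assumptions.

```python
import base64
import re
import struct

# Assumed mapping from OpenSSH protocol 2 type names to the option
# values quoted in the thread ("rsa", "dsa"); "rsa1" is protocol 1.
V2_NAMES = {"ssh-rsa": "rsa", "ssh-dss": "dsa"}
NUM = re.compile(r"[0-9]+")


def sanitize_key(entry, allowed="rsa,dsa"):
    """Return the key as one normalized line, or raise ValueError."""
    allowed = {a.strip() for a in allowed.split(",")}
    # One key per entry: a line break would put a second, unchecked
    # line into authorized_keys.
    if any(c in entry for c in "\r\n\0"):
        raise ValueError("control character in key")
    fields = entry.split()
    if len(fields) < 2:
        raise ValueError("too few fields")
    if NUM.fullmatch(fields[0]):
        # Protocol 1: "<bits> <exponent> <modulus> [comment]"
        if "rsa1" not in allowed:
            raise ValueError("protocol 1 keys are not enabled")
        if len(fields) < 3 or not all(NUM.fullmatch(f) for f in fields[1:3]):
            raise ValueError("malformed protocol 1 key")
    else:
        # Protocol 2: "<type> <base64 blob> [comment]". A leading options
        # field (command="...", from="...") fails the type lookup.
        kind = V2_NAMES.get(fields[0])
        if kind is None:
            raise ValueError("unknown key type or leading options")
        if kind not in allowed:
            raise ValueError("key type %s is not enabled" % kind)
        try:
            blob = base64.b64decode(fields[1], validate=True)
        except ValueError:
            raise ValueError("key data is not valid base64")
        # The blob begins with a length-prefixed copy of the type name.
        name = fields[0].encode()
        if not blob.startswith(struct.pack(">I", len(name)) + name):
            raise ValueError("type inside key data does not match")
    return " ".join(fields)


# Constructed sample: correct framing only, not a usable RSA key.
SAMPLE = "ssh-rsa " + base64.b64encode(
    struct.pack(">I", 7) + b"ssh-rsa" + bytes(8)).decode() + " me@host"

if __name__ == "__main__":
    print(sanitize_key(SAMPLE))
```

The check covers the line framing only; it does not verify the key parameters themselves, and it does not replace sshd_config settings such as "Protocol".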
