> > If the switch is off by default, btw, users won't be warned when they > > insert an invalid key, so maybe we could even get rid of the switch. > > But we do not know what kind of key X Savane installation intend to > use. We cannot make valid assumption in this matter. That's site > specific, so it must be configurable. Even if we think being able to > list most kind of keys.
Well, the fact we restrict the key to a single line is already making assumption on the key format. As I wrote a user pointed that the 'ssh2' proprietary package use a multiple lines format -- I didn't really check, though. Likewise, I am not sure that '~/.ssh/authorized_keys' is specified by the SSH protocol. So Savane is making an assumption regarding the SSH keys format. > The default settings should not make assumptions on how the > installation is to be used. And checks that restrict usage of the > installation must always be site-configurable (like the tests made > on user and group name, for instance). The tests on user and group names made in account.php are hardcoded :/ I agree with adding a new configuration variable, but I think I misunderstood something, could you explain me again? Thanks, -- Sylvain _______________________________________________ Savane-dev mailing list [email protected] https://mail.gna.org/listinfo/savane-dev
