Sylvain Beucler <[EMAIL PROTECTED]> tapota : >> > * added a prefix to authorized keys: new configuration variable: >> > $sys_authorized_keys_prefix, changes in User.pm (GetUserSSHRealKey, >> > UserAddSSHKey) and sv_users (the way to compare ssh keys in the system >> > and in the database regarding newlines). >> >> What do you mean by prefix? Does it means that the authorized_keys is >> name like ~/.ssh/$prefixauthorized_keys? >> If not, prefix is not the correct name for this configuration >> option. I realize we already have a case of configuration option with the >> word "prefix" misused, but this is a bug, not an example :) >> For cohesion sake, when a configuration option designate a directory, >> it should be naname $sys_somethingdir >> >> Apart from that, I'm not sure to understand the whole thing. The >> standard way to get authorized_keys with open ssh is >> ~/.ssh/authorized_keys. Do you have something different than that? If >> so, why (wouldn't it be the thing to fix?)? >> Do I miss something? > > Rather, you're forgetting it :) > https://mail.gna.org/public/savane-dev/2004-09/msg00241.html > > Anyway, > $sys_authorized_keys_options > or > $sys_ssh_user_options > would be indeed more appropriate.
Hum, okey. By prefix I was thinking of a prefix on the file. I would go for $sys_authorized_keys_command >> > Remaining not in Savane (should be doable in separate cron jobs, >> > unless I'm mistaken): >> > >> > * (1) create a chroot'd /etc/passwd and /etc/group -> separate cron >> > job. Copy /etc/group and /etc/passwd in each cvs root, provided /etc/ >> > is more recent that in an arbitrary cvs root. >> >> We have such system at Gna. But I'm not sure it should be part of >> Savane. It is easily doable with Savane, we could document that. But >> making Savane handling that stuff itself > > I think your sentence is 'cut' :/ Probably, yes. I was only saying that this kind of thing are likely to be very installation-specific and I'm not sure it is a real plus to include it, since it could be confusing. -- Mathieu Roy +---------------------------------------------------------------------+ | General Homepage: http://yeupou.coleumes.org/ | | Computing Homepage: http://alberich.coleumes.org/ | | Not a native english speaker: | | http://stock.coleumes.org/doc.php?i=/misc-files/flawed-english | +---------------------------------------------------------------------+
