Stephen Hahn wrote: > Yes. My recommendation would be a shared account, having constructed > and operated a captive shell environment for opensolaris.org. The > drawbacks of that particular captive shell environment are complexity > and the loss of interactive login to a system. The latter seems more > jarring than having to manage a shared file of public keys.
In which case, should we consider switching the external gate on OSO over to the same mechanism? The new membership database will require changes to the current mechanism in any case, it might be better to extract as much commonality as we can. In any case I think we'd have to check that ssh was OK with a large number of keys in the shared file, just in case there are any nasty surprises lurking... -- Alan Burlison --
