* Alan Burlison <Alan.Burlison at sun.com> [2008-07-17 21:38]: > Stephen Hahn wrote: > >> Yes. My recommendation would be a shared account, having constructed >> and operated a captive shell environment for opensolaris.org. The >> drawbacks of that particular captive shell environment are complexity >> and the loss of interactive login to a system. The latter seems more >> jarring than having to manage a shared file of public keys. > > In which case, should we consider switching the external gate on OSO over > to the same mechanism? The new membership database will require changes to > the current mechanism in any case, it might be better to extract as much > commonality as we can.
Yes, I think so. There are a number of related features that would be easier with one shared account per project than with the current approach. > In any case I think we'd have to check that ssh was OK with a large number > of keys in the shared file, just in case there are any nasty surprises > lurking... Okay. - Stephen -- sch at sun.com http://blogs.sun.com/sch/
