On Tue, Mar 04, 2008 at 10:20:50AM +0000, Darren J Moffat wrote:
> Roland Mainz wrote:
> > Hi!
> >
> > ----
> >
> > Would there be any (technical) objections to modifying "useradd" to add
> > entries to /etc/publickey by default (and assign a default host key for
> > the machines, too)?
> > The idea is to get SecureRPC working by default on a plain Solaris
> > installation to allow users to use X11's SUN-DES-1 authentication
> > scheme instead of MIT-MAGIC-COOKIE-1 stuff (e.g. use $ xhost +username@
> > # instead of shuffling cookies around, which should be much more
> > user-friendly) and/or use SecureRPC for NFS...
>
> Sounds like a great idea to me.
Is it? The files and NIS backends for publickey(4) only support 192-bit keys, which are too weak, and without NIS/NIS+/LDAP you get no non-local benefit from having any entries in /etc/publickey unless you manually maintain it. Network security requires the deployment of authentication infrastructure or ad-hoc, SSH publickey-like leap-of-faith authentication. The files backend of publickey(4) != either.

Also, I'm not sure that any method of X11 display authentication other than cookies makes sense unless we want users to be able to share their displays with *other* users. Consider: if the only reason to forward krb5 creds to a remote server is so I can use them to open my local display, then I've given that server the ability to impersonate me to all others just so I could access my display from that server -- how odd! I could just use cookies, and then I need not give that server anything too valuable. X11 cookies work *fine* for SSH.

Nico
--
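As an added illustration of the key-strength point raised in this reply (not code from the thread or from Solaris), here is a small audit script that parses publickey(4)-style entries and flags any whose Diffie-Hellman public key is 192 bits or shorter. It assumes the files-backend layout "netname public-key-hex:encrypted-secret-key-hex"; the sample entries and the 1024-bit minimum are constructed for the example, and any checksum or padding conventions of the real secret-key field are not modelled.

```python
"""Audit publickey(4)-style entries and report short Diffie-Hellman keys.

Assumed line format (files backend):
    <netname> <public-key-hex>:<encrypted-secret-key-hex>
Lines starting with '#' and blank lines are ignored.
"""
import re

# Constructed sample data for the example; the 48-hex-digit public key
# below is a 192-bit key, the 256-hex-digit one is a 1024-bit key.
SAMPLE_PUBLICKEY = """\
# netname  publickey:secretkey   (constructed sample, not real keys)
unix.1001@example.com {pub192}:{sec192}
unix.1002@example.com {pub1024}:{sec1024}
""".format(
    pub192="0123456789abcdef" * 3,
    sec192="fedcba9876543210" * 3,
    pub1024="ab" * 128,
    sec1024="cd" * 128,
)

_HEX = re.compile(r"^[0-9a-fA-F]+$")


def parse_publickey(text):
    """Return a list of dicts: netname, pub_bits, secret_bits.

    Raises ValueError on lines that do not match the assumed layout so
    that a malformed file is noticed rather than silently skipped.
    """
    entries = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        if len(parts) != 2 or ":" not in parts[1]:
            raise ValueError("line %d: expected '<netname> <pub>:<secret>'" % lineno)
        netname, keys = parts
        pub_hex, secret_hex = keys.split(":", 1)
        if not (_HEX.match(pub_hex) and _HEX.match(secret_hex)):
            raise ValueError("line %d: key fields must be hexadecimal" % lineno)
        entries.append({
            "netname": netname,
            "pub_bits": len(pub_hex) * 4,      # 4 bits per hex digit
            "secret_bits": len(secret_hex) * 4,
        })
    return entries


def weak_entries(text, min_bits=1024):
    """Netnames whose public key is shorter than min_bits (default is an
    assumed policy threshold, not a value from the thread)."""
    return [e["netname"] for e in parse_publickey(text) if e["pub_bits"] < min_bits]


if __name__ == "__main__":
    for entry in parse_publickey(SAMPLE_PUBLICKEY):
        print("%-28s public key: %4d bits" % (entry["netname"], entry["pub_bits"]))
    print("weak entries:", weak_entries(SAMPLE_PUBLICKEY))
```

Run against a real /etc/publickey the script reports, per netname, how long each public key is; every entry produced by a 192-bit-only backend will land in the weak list, which is the practical consequence of the objection above.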