www-infrastructure-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lécharny <elecha...@apache.org>
Subject Re: ASF LDAP Project - Update
Date Sat, 10 Jan 2009 11:56:25 GMT
Santiago Gala wrote:
> El sáb, 10-01-2009 a las 00:11 +0200, Graham Leggett escribió:
> (...)
>> To insure against such problems while trying it out, I would suggest 
>> that you first set up ssh to allow you in directly as root via public 
>> key SSH, so that you have a way into root without a password (which 
>> could potentially be broken) or a normal user + su (which could also 
>> potentially be broken). Then, as a second measure, try it out on a 
>> virtual server that can be externally kicked if it goes completely pear 
>> shaped.
> I have my login in people.apache.org without a password, using only ssh
> keys. There was a time when this was encouraged, and root would kill the
> password access on demand. I would greatly prefer public keys to
> password as much as I can, and I hope the LDAP change will not affect my
> ability to not having a shell password, but only a .ssh/authorized_keys
> file.
It should not change anything from the users POV, otherwise it would not 
worth the pain ...

cordialement, regards,
Emmanuel Lécharny

View raw message