[HCoop-Help] why Kerberos instead of .ssh/authorized_keys ?

Adam Megacz megacz at hcoop.net
Fri Dec 5 19:41:38 EST 2008


Nathan Kennedy <ntk at hcoop.net> writes:
> admins simply could not figure out how to make this feature of sshd
> compatible with our AFS setup and permissions.

Unfortunately this is not correct.  See below.

> There is nothing wrong with sshd,

Yes, actually, there is.

Sshd's public key authentication assumes that anybody with root access
to our shell servers (mire) should be trusted with admin access to our
fileserver.

  - a



More information about the HCoop-Help mailing list