[HCoop-Help] why Kerberos instead of .ssh/authorized_keys ?

[Adam Megacz]

Nathan Kennedy <ntk at hcoop.net> writes:
> admins simply could not figure out how to make this feature of sshd
> compatible with our AFS setup and permissions.

Unfortunately this is not correct.  See below.

> There is nothing wrong with sshd,

Yes, actually, there is.

Sshd's public key authentication assumes that anybody with root access
to our shell servers (mire) should be trusted with admin access to our
fileserver.

  - a