[Gllug] Selective SSH logins
Nix
nix at esperi.org.uk
Wed Aug 27 04:23:26 UTC 2008
On 26 Aug 2008, Daniel P. Berrange outgrape:
> And if you have NFS home directories, and aren't requiring Keberized NFS
> clients, then SSH keys are worse than useless thanks to NFS' complete lack
> of a security model
That depends very much on your network topology. If your NFS servers and
clients are within the same trust boundary, or you only share non-
security-important state, and especially if you export read-only, I
can't see the problem.
How many people with NFS-shared home directories *don't* share their keys
the same way? Damn few.
--
`Not even vi uses vi key bindings for its command line.' --- PdS
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list