Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] Making my LAN a passwordless zone



On Fri, Jul 10, 2009 at 12:44 PM, Stephen J. Turnbull<stephen@example.com> wrote:
> Doug McLean writes:
>
>  > > More important than this is configuring your authorized_keys file.  If
>  > > you have an extremely frequent use case such as starting a music
>  > > player, you can do this in authorized_keys:
>  >
>  > If performing a specific task only, setting up commands like that in
>  > authorized_keys is a great idea, but if for some reason a person needs
>  > more flexiblity or interactive setup,
>
> True.  But there's nothing to stop you from having task-specific keys.
> I used to have one of these for breaking CVS locks in a public
> project.  It would reap any locks that were more than 15 minutes old,
> which is pretty safe.  All committers had the key.  Even though shell
> access and the access to CVSROOT was limited to a small cabal, this
> very important admin task could be preformed in a fairly timely way by
> any committer.

Indeed, anything that can be reliably automated is a great way to cut
down on human-error, and this is a good example of it.  :)


-- 
Doug McLean

Blog: http://nihonshukyo.wordpress.com/


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links