On Fri, Jul 22, 2011 at 10:49:27AM -1000, Paul Graydon spake thusly: > So if someone manages to get a hold of the SSH key they can then run > whatever (they're permitted to) as root, or am I misunderstanding > something? SSH keys can be used to log in to servers here, but sudo > requires the user to re-authenticate, just in case a key has been > compromised.
You encrypt all of your ssh private keys so they would need a password plus being in possession of the key. -- Tracy Reed Digital signature attached for your safety. Copilotco Professionally Managed PCI Compliant Secure Hosting 866-MY-COPILOT x101 http://copilotco.com
pgpgQxNpdmhya.pgp
Description: PGP signature
_______________________________________________ Discuss mailing list Discuss@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
