On 2011-Oct-12 14:05:16 +0200, Dag-Erling Smørgrav <d...@des.no> wrote:
>"Bjoern A. Zeeb" <bzeeb-li...@lists.zabbadoz.net> writes:
>> Mergemaster brought up this change:
>>
>> +# The default is to check both .ssh/authorized_keys and 
>> .ssh/authorized_keys2
>> +# but this is overridden so installations will only check 
>> .ssh/authorized_keys
>> +AuthorizedKeysFile     .ssh/authorized_keys
>>
>> This will break setups that have authorized_keys2 files (only) and needs to
>> be reverted I think?

This is probably a reasonable change in head but, IMHO, it shouldn't
be MFC'd.

>authorized_keys2 has been deprecated for ~10 years now.

I find authorized_keys2 very handy at $work.  I have one set of keys
that are centrally managed and common across all hosts and a second
set of keys that are local to each disjoint subgroup of hosts and
managed within each group.  Using both authorized_keys and
authorized_keys2 substantially simplifies the overall key management.

-- 
Peter Jeremy

Attachment: pgpcCk3NoEtPC.pgp
Description: PGP signature

Reply via email to