[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
RE: ssh keys
- From: Steve Traylen <s traylen rl ac uk>
- To: kickstart-list redhat com
- Subject: RE: ssh keys
- Date: Wed, 2 Apr 2003 09:03:58 +0100 (BST)
On Wed, 2 Apr 2003, John wrote:
> On Tue, 1 Apr 2003, Steve Traylen wrote:
>
> > On Tue, 1 Apr 2003, Skahan, Vince wrote:
> >
> > >
> > > I load a rpm with the keys during my kickstart.
> >
> > Which is a really bad idea generally since now your
> > private key is sitting on webserver, nfsserver.
> >
>
> You're jumping to conclusions there. Most of *my* webservers are
> accessible only privately.
But the installed node must now have access to the keys at user level
rather than at just root level as it should be? Unless you
reboot the machine with different identity to its install
identity perhaps. Maybe you trust all your users, and
services as well of course. My point was the general one that
its usually a bad idea though.
Steve
>
>
> > It its from a CD thats okay of course.
>
> I'd say that's less secure than my web servers.
>
>
>
--
Steve Traylen
s traylen rl ac uk
http://www.gridpp.ac.uk/
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]