removing ssh access in an emergency
Ian Malone
ibmalone at gmail.com
Wed Aug 30 15:48:34 UTC 2006
This occurred to me this morning:
I log into my home machine remotely using an ssh
authorised key which I keep on a USB stick. In the
event it was lost or stolen it's pretty unlikely anyone
would use it to try to break into my machine, but
ideally you would want a remote way to disable the key.
Has anyone thought about this?
My first thought was a user account with password
authentication that instead of a login shell would run a
program which deleted the authorized_keys file in
question. Is this open to exploitation? (other than
running the risk that someone cracks the password
and prevents me logging in)
--
imalone
More information about the fedora-list
mailing list