Daniel Lang <dl_at_leo.org> writes: > Are you, by any chance, mixing up "known_hosts" and "authorized_keys"? Oops. I quoted the wrong section. I had meant to quote the section about the user_certificates. This is what I meant to cite: +A user certificate is an authorization made by the CA that the +holder of a specific private key may login to the server as a +specific user, without the need of an authorized_keys file being +present. The CA gains the power to grant individual users access +to the server, and users do no longer need to maintain +authorized_keys files of their own. I don't see a problem with the host certificates methodology. (In fact I'd love to see the known_hosts files fade away as more hosts transition to using host certificates.) Thanks, -wolfgang -- Wolfgang S. Rupprecht http://www.wsrcc.com/wolfgang/Received on Thu Nov 16 2006 - 15:45:23 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:02 UTC