On Thu, Jul 12, 2007 at 06:15:31PM +0100, Karl E. Jorgensen wrote: > > Why share passwords anyway? Most of the time, > what you need is for multiple people to access the same unix/linux > account - and this would be solved by people dropping their public ssh > keys there... > genuine question here: why would anyone do that when they could use proper groups and proper permissions to allow the right users access to the right stuff? What happens if one of the several users with the ssh keys dropped in the same account is somehow compromised? THat means the whole account is compromised and *everyone else* who has their key dropped in there is compromised: what are the implications of that? And then the admin has to figure who is compromised and restructure the whole thing instead of just deleting the one problem user. A
Attachment:
signature.asc
Description: Digital signature