openssh bugs - Jan 2009 - [Bug 172] Add multiple AuthorizedKeyFiles options

https://bugzilla.mindrot.org/show_bug.cgi?id=172


Jameson Rollins <ssh-bugzilla at finestructure.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |ssh-bugzilla at finestructure.
                   |                            |net




--- Comment #7 from Jameson Rollins <ssh-bugzilla at finestructure.net> 
2009-01-31 01:53:16 ---
I realize this issue is quite old, but I would really like to see this
option available as well.  I think there are a couple of very good
reason to add this feature.

It is possible to configure systems to handle AuthorizedKeys files in
multiple ways.  Things can be configured such that the file is
maintained by the user (when using the typical %h/.ssh/authorized_keys
setting), or so that it is maintained by an administrator (eg.
/etc/ssh/authorized_keys/%u).  If multiple AuthorizedKeysFile options
were allowed, sshd could easily support both user <i>and</i>
administrator controlled files.  I can see this being useful in many
situations, but it would particularly be useful for the <a
href="http://web.monkeysphere.info">monkeysphere</a>, where
we would
like to be able to support both monkeysphere-maintained and user
maintained authorized_keys files.

I also think the issue about multiple matching keys is not a worry. As
Alex Kiernan points out, it is possible to have multiple matching keys
in a single file, and the way around it is to accept the options from
the first encountered key.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.