On Fri, Dec 14, 2012 at 09:50:47PM +0000, Clint Adams wrote:> How easy would it be to have tinc support multiple keys per peer? > > I am wondering about using Monkeysphere to populate the host files.Why do you need multiple keys per node for Monkeysphere? -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus at tinc-vpn.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: <http://www.tinc-vpn.org/pipermail/tinc-devel/attachments/20121216/2b25ac45/attachment.pgp>
On Sun, Dec 16, 2012 at 02:13:02PM +0100, Guus Sliepen wrote:> Why do you need multiple keys per node for Monkeysphere?It is possible for there to be more than one Monkeysphere-validated key for a userid, and no way of knowing which of those is the "correct" one. The solution for ssh involves generating an authorized_keys file with all valid, matching keys. Presumably this cannot currently be done with tinc.