[nycbug-talk] Public-key sudo?

Edward Capriolo edlinuxguru at gmail.com
Sun Jan 8 00:23:49 EST 2012


You can tell people to lock their SSH keys with a password and store
them on an encrypted drive, but counting on users is something I never do.
People can strip the password encoding off a key, or choose to use some
ssh client that stores the key password in a non-encrypted file.

I used to like LDAP and Kerberos but a high percentage of admins hate LDAP
auth.  People who know LDAP and/or Kerberos are a serious minority. I have
had the fight multiple times (the infamous "LDAP is one more thing to
break" argument). So I have moved on with my life.

My argument is: I use SSH keys because the client server interaction is not
based on short text strings that are easy to give away. I can push out keys
to appropriate servers and control access.

I definitely understand why people do not like NOPASSWD, but I just do not
get having a password for sudo when it does not take one to get into the
system. I do not count the password the user chose to lock their key as a
password.


On Sat, Jan 7, 2012 at 8:32 PM, Pete Wright <pete at nomadlogic.org> wrote:

> On Sat, 07 Jan 2012 17:25:31 -0800, Edward Capriolo <edlinuxguru at gmail.com>
> wrote:
>
>> It isn't laziness. When I was "sold" on SSH keys the concept was that
>> passwords are hard to rotate and not safe because people write them down
>> on napkins, share them, etc. So since I have "bought into" this philosophy it
>> seems contradictory to me to have sudo use a password.
>>
>
> well your keys are locked with a password, aren't they?  so i'm not sure
> that is a good argument to use ssh key based authentication...
>
>
> -p
>
> --
> Pete Wright
> pete at nomadlogic.org
> www.nomadlogic.org
>
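Editor's note, added to this archive page and not part of Edward's or Pete's messages: the disagreement above is about whether a NOPASSWD grant is acceptable once access is gated by SSH keys. The example below is a small audit that parses sudoers-style lines and flags the combination that makes a key compromise equivalent to root on the spot, namely NOPASSWD together with a command list of ALL. It goes a little beyond the thread by also showing a command-scoped NOPASSWD entry, which is the usual middle ground. The SAMPLE_SUDOERS text, the user and group names in it, and the systemctl command path are constructed for illustration and do not come from any host discussed in the thread.

```python
"""Audit sudoers lines for NOPASSWD grants that cover ALL commands.

Added example; the sample policy below is constructed, not taken from
any real system.
"""
import re
from dataclasses import dataclass, field

# Constructed sample sudoers content (hypothetical users/groups/commands).
# Line 2 is the weak setting: any member of wheel becomes root with no
# second factor beyond possession of the SSH key.
# Line 3 is the scoped alternative: NOPASSWD, but only for one command.
# Line 4 is the conservative default: full sudo, password required.
SAMPLE_SUDOERS = """\
Defaults    timestamp_timeout=5
%wheel      ALL=(ALL) NOPASSWD: ALL
deploy      ALL=(root) NOPASSWD: /usr/bin/systemctl restart app.service
ops         ALL=(ALL) ALL
"""

# user/group  hosts=(runas) TAG: cmd, cmd ...
SPEC_RE = re.compile(
    r"^(?P<who>\S+)\s+"
    r"(?P<hosts>[^\s=]+)\s*=\s*"
    r"(?:\((?P<runas>[^)]*)\)\s*)?"
    r"(?P<tags>(?:[A-Z]+:\s*)*)"
    r"(?P<cmds>.+)$"
)


@dataclass
class Rule:
    who: str
    runas: str
    nopasswd: bool
    commands: list = field(default_factory=list)


def parse_sudoers(text):
    """Parse user-specification lines; Defaults, comments and blanks skipped."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("Defaults"):
            continue
        m = SPEC_RE.match(line)
        if not m:
            continue  # aliases and unusual syntax are out of scope here
        tags = [t for t in m.group("tags").replace(" ", "").split(":") if t]
        commands = [c.strip() for c in m.group("cmds").split(",")]
        rules.append(Rule(
            who=m.group("who"),
            runas=m.group("runas") or "root",  # sudo's default target user
            nopasswd="NOPASSWD" in tags,
            commands=commands,
        ))
    return rules


def risky_rules(rules):
    """Rules where holding the login credential alone yields unrestricted root."""
    return [r for r in rules if r.nopasswd and "ALL" in r.commands]


if __name__ == "__main__":
    parsed = parse_sudoers(SAMPLE_SUDOERS)
    for r in parsed:
        print(f"{r.who:8} runas={r.runas:5} nopasswd={r.nopasswd!s:5} cmds={r.commands}")
    for r in risky_rules(parsed):
        print(f"WARNING: {r.who} has NOPASSWD for ALL commands")
```

Run against a real policy with `sudo cat /etc/sudoers /etc/sudoers.d/*` piped into parse_sudoers; the parser is deliberately narrow and ignores alias definitions, so treat a clean result as a first pass rather than proof.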