E.g. If you use with kerberos, you get the effect that:
- User has to do a password auth every now and then, as determined by the
administrator (kerberos ticket lifetime)
- In between that time, users get to use their SSH key auth as they wish
Though, probably much better if someone would write a "require non-key auth
periodically" patch for OpenSSH.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds