User: Password:
|
|
Subscribe / Log in / New account

KS2011: Kernel.org report

KS2011: Kernel.org report

Posted Oct 28, 2011 11:26 UTC (Fri) by josh (subscriber, #17465)
Parent article: KS2011: Kernel.org report

One question I have yet to see an answer to: why does the new kernel.org account procedure include entirely new SSH keys generated by the kernel.org admins, rather than allowing the use of existing SSH keys after careful checking?


(Log in to post comments)

KS2011: Kernel.org report

Posted Oct 28, 2011 11:28 UTC (Fri) by corbet (editor, #1) [Link]

Because a lot of existing keys were compromised and nobody wants to make guesses about which ones might be OK. SSH keys are cheap, why not replace them?

KS2011: Kernel.org report

Posted Oct 28, 2011 11:43 UTC (Fri) by josh (subscriber, #17465) [Link]

> SSH keys are cheap, why not replace them?

Replacing the SSH key doesn't seem crazy. However, maintaining a completely separate SSH key just for use on kernel.org causes quite a bit of additional complication and annoyance.

configure ssh identity by host

Posted Oct 28, 2011 17:16 UTC (Fri) by dmarti (subscriber, #11625) [Link]

You can always make a separate Host section in your .ssh/config with an IdentityFile line. Should then be used by everything that runs over ssh including git. (man ssh_config for more info)

configure ssh identity by host

Posted Oct 28, 2011 20:36 UTC (Fri) by nix (subscriber, #2304) [Link]

Does that work if you use an agent? Last time I tried, -i and IdentityFile were both ignored if an agent was in use.

configure ssh identity by host

Posted Oct 31, 2011 10:54 UTC (Mon) by mp (subscriber, #5615) [Link]

Even with IdentitiesOnly? Never tried it but looks like the option to set.

configure ssh identity by host

Posted Oct 31, 2011 17:50 UTC (Mon) by nix (subscriber, #2304) [Link]

I'm not sure that even existed in the fairly old version of OpenSSH I last encountered this problem in, five years ago. I should retest...


Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds