On Sat, 2002-08-31 at 20:03, Steve Loughran wrote: > If you have the private keys on a system you've put a chink in the security, > and if you have that system running build files from SCM, then you have to > stop the SCM from being compromised too. But that latter problem exists with > all server side projects, to a greater or lesser extent.
Not true. Ssh allows us to define per-key restrictions. I can set it up so that a certain key can only be used to execute one particular command and only when it is used from one particular ip address. That is quite safe. It is a good protocol from this perspective. -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
