Hi Kevin,
Kevin Locke wrote:
> But I'm curious why it might be dangerous. Is it a security concern
> or from a connection-stability perspective?
Security concern. Starting SSH sessions from init scripts will need
SSH keys without passphrase. IMHO this always needs much care so that
the private key can't do much harm if leaked.
> Could be worth adding a comment to the docs to warn users against it
> if there's a common issue that it introduces.
Yes, I'll likely add something like that.
> One other note change that would probably be worth making would be
> to run autossh as a user other than root. It's hard to make this
> generic since the sysadmin will likely want to create an
> unprivileged user and install SSH keys for it to use. Perhaps
> another motivation for putting it in the examples with some usage
> notes.
Hrm. Maybe in that case a user cron job with @reboot may be an easier
way?
Regards, Axel
--
,''`. | Axel Beckert <a...@debian.org>, http://people.debian.org/~abe/
: :' : | Debian Developer, ftp.ch.debian.org Admin
`. `' | 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE
`- | 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
