On Wed, 2 May 2001, Mike Forey wrote:
> Does anyone have any thoughts as to whether it is a good/bad idea to set the
> users full name in the comment field of the public key? eg "John Smith"
That's why it's called "public" key. It is safe to broadcast its
contents to the whole world.
> If I did this, would it be possible to send to syslog, details of exactly
> which user (by printing the comment) logged in.
Syslog only records usernames, not the contents of public keys.
SSh will not help you hide the contents of syslog; added security
measures must also be done. On my machine, all logs are chmod 600
and owned by root only.
--------------------
"Security begins as a state of mind."
-- NSA Manual
