Hi,

I would like to make it impossible for users to change the
contents of the authorized_keys-file.

I just found out about the sshd_config setting:

AuthorizedKeysFile /etc/ssh/authorized_keys/%u

But even in that case that file has to be owned by the user,
unless I set ``StrictModes no'' which would allow other
nastyness. I would like to request that that file could also be
owned by root, so I can make that file immutable for the user,
even on filesystems which don't support the immutable flag, for
example jfs on GNU/Linux.




# Han
--
\ / The two things that can get you into trouble quicker than
)\__/( anything else are fast women and slow horses.
|(oO)|
\||/
Ts (OO)
+vVv------vVv----------------------------------------------------------+

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
http://www.mindrot.org/mailman/listi...enssh-unix-dev