YA change to .ssh/authorized

public inbox for overseers@sourceware.org
 help / color / mirror / Atom feed

* YA change to .ssh/authorized_keys
  2000-12-30  6:08 YA change to .ssh/authorized_keys Chris Faylor
@ 2000-05-08 15:00 ` Chris Faylor
  2000-12-30  6:08 ` Jason Molenda
  2000-12-30  6:08 ` Tom Tromey
  2 siblings, 0 replies; 8+ messages in thread
From: Chris Faylor @ 2000-05-08 15:00 UTC (permalink / raw)
  To: overseers

It looks like I have another user who needs to upload things to the cygwin
directory.  This means that his .ssh/authorized_keys file needs to be modified
to allow more than just cvs access.

The user is 'mring'.  Could someone make this modification?

I did not know that we'd be requiring this when I had his account set up
or I would have made sure to have mentioned it to avoid creating this
extra work.

Thanks,
cgf

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: YA change to .ssh/authorized_keys
  2000-12-30  6:08 ` Jason Molenda
@ 2000-05-08 15:09   ` Jason Molenda
  2000-12-30  6:08   ` Chris Faylor
  1 sibling, 0 replies; 8+ messages in thread
From: Jason Molenda @ 2000-05-08 15:09 UTC (permalink / raw)
  To: Chris Faylor; +Cc: overseers

On Mon, May 08, 2000 at 06:00:38PM -0400, Chris Faylor wrote:
> It looks like I have another user who needs to upload things to the cygwin
> directory.  This means that his .ssh/authorized_keys file needs to be modified
> to allow more than just cvs access.

Incidentally, this is Yet Another Problem I Didn't Tackle.

Until recently, we'd only had two or three external developers who
needed access only to upload files.  eCos has one and bartv thought
I was a loser for giving the ext person full login access just to
upload files. :-)

I don't know how this should be handled.  anon-ftp-upload is one
possibility (or plaintext passworded ftp upload) with a crontab
that would move the uploaded files to another part of the ftp tree.
The problems with this kind of automated facility are obvious.  I
don't know of any way to allow only scp access, and really you'd
want to allow only scp to one part of the file hierarchy.

Maybe folks on the net have come up with good solutions, or have
settled on methods that involve by-hand intervention of maintainers.
I just punted and gave them full login access.

Jason

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: YA change to .ssh/authorized_keys
  2000-12-30  6:08 ` Tom Tromey
@ 2000-05-08 15:16   ` Tom Tromey
  0 siblings, 0 replies; 8+ messages in thread
From: Tom Tromey @ 2000-05-08 15:16 UTC (permalink / raw)
  To: Chris Faylor; +Cc: overseers

Chris> The user is 'mring'.  Could someone make this modification?

Done.

Tom

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: YA change to .ssh/authorized_keys
  2000-12-30  6:08   ` Chris Faylor
@ 2000-05-08 15:19     ` Chris Faylor
  0 siblings, 0 replies; 8+ messages in thread
From: Chris Faylor @ 2000-05-08 15:19 UTC (permalink / raw)
  To: Jason Molenda; +Cc: overseers

On Mon, May 08, 2000 at 03:08:07PM -0700, Jason Molenda wrote:
>On Mon, May 08, 2000 at 06:00:38PM -0400, Chris Faylor wrote:
>> It looks like I have another user who needs to upload things to the cygwin
>> directory.  This means that his .ssh/authorized_keys file needs to be modified
>> to allow more than just cvs access.
>
>Incidentally, this is Yet Another Problem I Didn't Tackle.
>
>Until recently, we'd only had two or three external developers who
>needed access only to upload files.  eCos has one and bartv thought
>I was a loser for giving the ext person full login access just to
>upload files. :-)

Yeah, I can understand this.  I don't like it either.  I already have
two people with this kind of privilege and I was feeling uncomfortable
about that.  I don't even like giving global cvs access.

FWIW, this should only be temporary.  I'll try to remember to revoke
these special privileges when this requirement is gone.

The alternative was to get DJ, Corinna, or me involved every time this
guy uploads his new-improved installer, so I think that this is the
lesser of two evils.

cgf

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: YA change to .ssh/authorized_keys
  2000-12-30  6:08 YA change to .ssh/authorized_keys Chris Faylor
  2000-05-08 15:00 ` Chris Faylor
  2000-12-30  6:08 ` Jason Molenda
@ 2000-12-30  6:08 ` Tom Tromey
  2000-05-08 15:16   ` Tom Tromey
  2 siblings, 1 reply; 8+ messages in thread
From: Tom Tromey @ 2000-12-30  6:08 UTC (permalink / raw)
  To: Chris Faylor; +Cc: overseers

Chris> The user is 'mring'.  Could someone make this modification?

Done.

Tom

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: YA change to .ssh/authorized_keys
  2000-12-30  6:08 YA change to .ssh/authorized_keys Chris Faylor
  2000-05-08 15:00 ` Chris Faylor
@ 2000-12-30  6:08 ` Jason Molenda
  2000-05-08 15:09   ` Jason Molenda
  2000-12-30  6:08   ` Chris Faylor
  2000-12-30  6:08 ` Tom Tromey
  2 siblings, 2 replies; 8+ messages in thread
From: Jason Molenda @ 2000-12-30  6:08 UTC (permalink / raw)
  To: Chris Faylor; +Cc: overseers

On Mon, May 08, 2000 at 06:00:38PM -0400, Chris Faylor wrote:
> It looks like I have another user who needs to upload things to the cygwin
> directory.  This means that his .ssh/authorized_keys file needs to be modified
> to allow more than just cvs access.

Incidentally, this is Yet Another Problem I Didn't Tackle.

Until recently, we'd only had two or three external developers who
needed access only to upload files.  eCos has one and bartv thought
I was a loser for giving the ext person full login access just to
upload files. :-)

I don't know how this should be handled.  anon-ftp-upload is one
possibility (or plaintext passworded ftp upload) with a crontab
that would move the uploaded files to another part of the ftp tree.
The problems with this kind of automated facility are obvious.  I
don't know of any way to allow only scp access, and really you'd
want to allow only scp to one part of the file hierarchy.

Maybe folks on the net have come up with good solutions, or have
settled on methods that involve by-hand intervention of maintainers.
I just punted and gave them full login access.

Jason

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: YA change to .ssh/authorized_keys
  2000-12-30  6:08 ` Jason Molenda
  2000-05-08 15:09   ` Jason Molenda
@ 2000-12-30  6:08   ` Chris Faylor
  2000-05-08 15:19     ` Chris Faylor
  1 sibling, 1 reply; 8+ messages in thread
From: Chris Faylor @ 2000-12-30  6:08 UTC (permalink / raw)
  To: Jason Molenda; +Cc: overseers

On Mon, May 08, 2000 at 03:08:07PM -0700, Jason Molenda wrote:
>On Mon, May 08, 2000 at 06:00:38PM -0400, Chris Faylor wrote:
>> It looks like I have another user who needs to upload things to the cygwin
>> directory.  This means that his .ssh/authorized_keys file needs to be modified
>> to allow more than just cvs access.
>
>Incidentally, this is Yet Another Problem I Didn't Tackle.
>
>Until recently, we'd only had two or three external developers who
>needed access only to upload files.  eCos has one and bartv thought
>I was a loser for giving the ext person full login access just to
>upload files. :-)

Yeah, I can understand this.  I don't like it either.  I already have
two people with this kind of privilege and I was feeling uncomfortable
about that.  I don't even like giving global cvs access.

FWIW, this should only be temporary.  I'll try to remember to revoke
these special privileges when this requirement is gone.

The alternative was to get DJ, Corinna, or me involved every time this
guy uploads his new-improved installer, so I think that this is the
lesser of two evils.

cgf

^ permalink raw reply	[flat|nested] 8+ messages in thread

* YA change to .ssh/authorized_keys
@ 2000-12-30  6:08 Chris Faylor
  2000-05-08 15:00 ` Chris Faylor
                   ` (2 more replies)
  0 siblings, 3 replies; 8+ messages in thread
From: Chris Faylor @ 2000-12-30  6:08 UTC (permalink / raw)
  To: overseers

It looks like I have another user who needs to upload things to the cygwin
directory.  This means that his .ssh/authorized_keys file needs to be modified
to allow more than just cvs access.

The user is 'mring'.  Could someone make this modification?

I did not know that we'd be requiring this when I had his account set up
or I would have made sure to have mentioned it to avoid creating this
extra work.

Thanks,
cgf

^ permalink raw reply	[flat|nested] 8+ messages in thread

end of thread, other threads:[~2000-12-30  6:08 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2000-12-30  6:08 YA change to .ssh/authorized_keys Chris Faylor
2000-05-08 15:00 ` Chris Faylor
2000-12-30  6:08 ` Jason Molenda
2000-05-08 15:09   ` Jason Molenda
2000-12-30  6:08   ` Chris Faylor
2000-05-08 15:19     ` Chris Faylor
2000-12-30  6:08 ` Tom Tromey
2000-05-08 15:16   ` Tom Tromey

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).