private keys and users access to them
From: Tobias Speckbacher (tobias_at_quova.com)
Date: Fri, 30 Apr 2004 17:43:11 -0700 To: <firstname.lastname@example.org>
I am in the process of switching all logons in my production environment
to a key based system. Currently everyone just creates their key pairs,
or I create it for them, and I deposit the public key on the remote
Here comes the question...
I do not want users to grab their private key and take them to other
systems or even worse take the key out of the office.
Is there a way for me to prohibit the users access to the key ?
Currently I am assuming that there isn't since ssh/scp/sftp process are
owned by the user and as such have to have access to the key to process
the authentication (hence the user will have access to it too).
If there is a way to accomplish this please enlighten me !