private keys and users access to them

From: Tobias Speckbacher (tobias_at_quova.com)
Date: 05/01/04

Next message: Jeremy Lin: "Re: private keys and users access to them"

Previous message: monster: "Re: SSh internal window size.. (again)"
Next in thread: Jeremy Lin: "Re: private keys and users access to them"
Reply: Jeremy Lin: "Re: private keys and users access to them"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 30 Apr 2004 17:43:11 -0700
To: <secureshell@securityfocus.com>

Hi guys,

I am in the process of switching all logons in my production environment
to a key based system. Currently everyone just creates their key pairs,
or I create it for them, and I deposit the public key on the remote
system.

Here comes the question...

I do not want users to grab their private key and take them to other
systems or even worse take the key out of the office.

Is there a way for me to prohibit the users access to the key ?
Currently I am assuming that there isn't since ssh/scp/sftp process are
owned by the user and as such have to have access to the key to process
the authentication (hence the user will have access to it too).

If there is a way to accomplish this please enlighten me !

Regards,

Tobias

Next message: Jeremy Lin: "Re: private keys and users access to them"

Previous message: monster: "Re: SSh internal window size.. (again)"
Next in thread: Jeremy Lin: "Re: private keys and users access to them"
Reply: Jeremy Lin: "Re: private keys and users access to them"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]