From: PerlBoy (nu-ff-niet_at_geen-idee.nu)
Date: Thu, 30 Sep 2004 00:29:29 +0200
I don't know whether this is the right group to post but I'll give it a
I must admit that I haven't looked how the authentication handshake happens
and whether the feature I'm going to ask is achievable having the protocol
I like to lockdown installed public keys by adding a
'fingerprint="xx:xx:xx....:xx" option to it. I can then create a secure
webserver and enforce strong passphrases. The user will receive a private
key (file download in browser) and the webserver keeps the public key and
the belonging fingerprint.
Also a 'validuntil='<date>' option would be great to help the feature even
more to be able to create temporary accounts. This will save me from
tampering around with the shadowfile.