According to the documentation it should be possible to setup a shared SSH key for logins to Debian.org machines.

However after sending the request several days ago nothing appears to have happened. No confirmation/reject mail sent, and no key-based logins accepted on the random machines I tested against.

Is this something that was tightened up post-compromise?

My intention was twofold:

• Setup a shared key for logins to Debian machines.
• Then determine how many people use such a key - as an argument towards removing password auth if the number was sufficiently high.

I expected to be able to use the LDAP search to determine how many people had keys set (without getting access to the keys themselves). My attempted LDAP searchs failed, although I can't tell whether they failed because support is removed/restricted, or if my queries were just malformed/bogus.

Anybody who can post statistics on the number of keys setup, or a working LDAP query would earn a virtual beverine.

No tags | No comments