• 1 Post
  • 20 Comments
Joined 1 year ago
cake
Cake day: June 8th, 2023

help-circle












  • My SSH auth uses SSH keys stored in authorized_keys, but I see your point. For me, OpenLDAP will be letting users in to the various services and SSH is outside that. I suppose SFTP could be something I want, but I’d be tempted to put a new sshd inside a container and have it more restricted than the system one.

    I think the backup key idea is definitely the most broadly applicable, but there’s physical/KVM for a more old school access route.