Subject: Re: cgd and remote keys
To: Curt Sampson <cjs@cynic.net>
From: Hubert Feyrer <hubert@feyrer.de>
List: tech-security
Date: 12/31/2007 22:39:19

On Mon, 31 Dec 2007, Curt Sampson wrote:
> Does this seem like a reasonable idea? Does anybody have any further
> comments? Is there an existing protocol we might use that would be as
> simple as a simple TCP connection? (HTTP comes to mind.) Would anybody
> object to me writing and committing this, along with committing a simple
> server to pkgsrc?

Maybe use a command that prints the key to stdout, then use something like
"ssh server cat keyfile"? This assumes proper key setup, and I'm sure
you'll be able to verify the connect is from the right IP via the
authorized_keys file, see the "AUTHORIZED_KEYS FILE FORMAT" section of
sshd(8).


  - Hubert
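
The following is an added example, not part of the original message: it builds the server-side authorized_keys entry that the sshd(8) section mentioned above allows (`from=` to pin the client address, `command=` to force the single command) and checks that an entry actually carries both restrictions. The address, key file path and public key are constructed placeholders, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example; all sample values are constructed, not taken from the thread.

# restricted_entry CLIENT_IP KEYFILE PUBKEY
# Prints an authorized_keys line using options documented in sshd(8):
#   from="..."     accept this key only from the listed address
#   command="..."  always run this command, ignoring what the client requests
#   no-*           disable pty allocation and all forwarding for this key
restricted_entry() {
    printf 'from="%s",command="cat %s",no-pty,no-port-forwarding,no-agent-forwarding,no-X11-forwarding %s\n' \
        "$1" "$2" "$3"
}

# entry_is_restricted LINE
# Returns 0 only if LINE has an option field containing both from= and
# command=. Assumption: the key type starts with "ssh-" (e.g. ssh-rsa,
# ssh-ed25519); other key types are reported as unrestricted.
entry_is_restricted() {
    opts=${1%% ssh-*}                  # text before " ssh-<type>"
    [ "$opts" != "$1" ] || return 1    # no option field: unrestricted key
    case $opts in *from=\"*\"*) ;; *) return 1 ;; esac
    case $opts in *command=\"*\"*) ;; *) return 1 ;; esac
    return 0
}

# Constructed sample: documentation address, hypothetical key file path,
# placeholder public key.
entry=$(restricted_entry 192.0.2.10 /etc/cgd/remote.key \
    "ssh-ed25519 AAAA_CONSTRUCTED_PLACEHOLDER cgd-client")
printf '%s\n' "$entry"

if entry_is_restricted "$entry"; then
    echo "entry pins source address and forced command"
fi
```

With such an entry in place, the client can connect with just `ssh server`, because the forced command runs regardless of what the client asks for.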