Timshel Knoll timshel@debian.org writes:
Aaanyways, I do have one fairly serious problem (despite the severity of this bug report ;). The files in ~/.lsh/authorized_keys_sha1/ aren't human-readable, and lsh-authorize doesn't store key comments anywhere else. This might actually be a security concern; if I can't figure out which key to delete now that a host I connect from is decommissioned, I'll leave it there.
So, I guess this feature request is just for (yet another) lsh- util that'll read the comment stored in the non-human-readable file. Dunno if one's stored right now, but it's probably worth doing ;)
One can read the files by piping them through the sexp-conv program (they just contain the public key in sexp format), but there are usually no labels inside.
Somethings one could add to lsh-authorize is
(i) an option that inserts a label (probably a ;-comment) in the file. Actually, the authorized keys mechanism is a hack (even if I think it's quite a robust hack), and the contents of the file isn't used at all, and
(ii) an option that unauthorizes a key, by deleting the corresponding file.
Regards, /Niels