
I've been hearing a lot of complaints from sysadmins who I try to convince to run SSH lately. "Key management is too difficult." "I can't keep track of all that stuff."

I think that an interesting answer might be an ssh key issuing "robot" or vending machine of sorts.

It might work something like this.

User wants access to the sshd running host.

Sysadmin gives the user a one time key only good for connecting to the vending machine via SSH. Would be nice if the robot recycled the password every time a successful connection was made.

Connecting to the vending machine, the user would fill out a form including the hostnames he was likely to connect from and etc.

After filling out that form, the user would be issued a key for the system, which would be automatically entered into authorized_keys. Whatever other automation was needed to get a user up and running on SSH would be executed.

Of course, the main problem is that the sysadmin could capture the secret key of the user and use it to create a false login trail or other mischief. This could be avoided by allowing a user generated key to be submitted, of course. Ideally both options would be presented with a "less secure" warning for the former.

Might make a nice project for someone fluent in perl, or even a webpage. I'd do it myself if my programming talents were not so pathetic.

Comments?

--
Forward complaints to : European Association of Envelope Manufactures
Finger for Public Key Gutenbergstrasse 21;Postfach;CH-3001;Bern
Vote Monarchist Switzerland
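A sketch of the user-generated-key variant of the vending machine proposed in the message above, added here as an example and not code from the post or from any SSH project. It spends a one-time token, validates the submitted public key, and rebuilds the authorized_keys line from validated parts with the requested hosts in a `from="..."` restriction. Assumptions: the target sshd is OpenSSH, the key-type allowlist is illustrative, storage is an in-memory dict, and every name (`Vendor`, `build_entry`, `constructed_sample_key`) is hypothetical.

```python
import base64, hashlib, re, secrets, struct

KEY_TYPES = {"ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256"}  # assumed allowlist
HOST_PATTERN = re.compile(r"[A-Za-z0-9*?][A-Za-z0-9.*?-]{0,252}")

def build_entry(user, pubkey_line, hosts):
    """Rebuild one authorized_keys line from validated parts only."""
    fields = pubkey_line.split()
    if len(fields) < 2 or fields[0] not in KEY_TYPES:
        raise ValueError("expected '<type> <base64> [comment]'")
    try:
        blob = base64.b64decode(fields[1], validate=True)
    except ValueError:
        raise ValueError("key blob is not base64") from None
    # The blob begins with a length-prefixed copy of the key type.
    prefix = struct.pack(">I", len(fields[0])) + fields[0].encode()
    if not blob.startswith(prefix) or len(blob) == len(prefix):
        raise ValueError("key blob does not match declared type")
    if not hosts or not all(HOST_PATTERN.fullmatch(h) for h in hosts):
        raise ValueError("bad or missing source host")
    # Submitted options and comment are dropped: only the type, the
    # re-encoded blob and the checked host patterns reach the file.
    return 'from="%s" %s %s vended-for-%s' % (
        ",".join(hosts), fields[0], base64.b64encode(blob).decode(), user)

class Vendor:
    def __init__(self):
        self._tokens = {}      # sha256(token) -> user; plaintext is not kept
        self.authorized = {}   # user -> authorized_keys lines (in memory here)

    def issue_token(self, user):   # user is set by the sysadmin, so trusted
        token = secrets.token_urlsafe(24)
        self._tokens[hashlib.sha256(token.encode()).hexdigest()] = user
        return token

    def redeem(self, token, pubkey_line, hosts):
        digest = hashlib.sha256(token.encode()).hexdigest()
        user = self._tokens.pop(digest, None)  # spent on first use, valid or not
        if user is None:
            raise PermissionError("unknown or already used token")
        entry = build_entry(user, pubkey_line, hosts)
        self.authorized.setdefault(user, []).append(entry)
        return entry

def constructed_sample_key():
    """Constructed, structurally valid ed25519 public key (all-zero key bytes)."""
    name = b"ssh-ed25519"
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", 32) + bytes(32)
    return "ssh-ed25519 %s alice@laptop" % base64.b64encode(blob).decode()
```

Because only the public half is submitted, the private key never reaches the vending machine or the sysadmin, which is the concern the message raises about robot-generated keys.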