Re: [Gnu-arch-users] Re: sharing local archive problems

[Colin Fox]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Anand Kumria wrote:
| On Tue, 12 Oct 2004 10:18:19 -0400, James Blackwell wrote:
|
|
|>Andrei Voropaev:
|>
|>
|>>Hm. It is possible for all of us to create our own archives by tagging,
|>>and then merging our changes back into single archive. But for certain
|>>simple changes it would be nice if my collegue could simply commit his
|>>changes in my archive.
|>>
|>
|>If you insist upon having a shared archive, then you have three choices:
|>
|>1. Use a shared account, typically by creating a new account, and adding
|>both his and your ssh keys to authorized_keys for that account.
|
|
| Using ssh keys is just one mechanism to achieve the account sharing. There
| are many other possibilities; I've personally found the simplest way to
| put users sharing an archive in a group and then perform some sftp-foo to
| modify their umask behind their back.
|
| There are also many ways to perform the sftp-umask-foo as well.

Another advantage to a shared group is that you can remove people from
the group, whereas if you have a shared key, and you don't want someone
to have access any more, you'd have to re-key & reissue the key (and
make sure you remember where all those keys are used!).

I have a number of subcontractors working for me, and occasionally I
stop working with one, and I need to revoke all access. The easiest way
is to simply lock their account, and if I use a group access technique
then that's all I need to do.

Regards,
~  cf

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFBbUkuoaQ1/feGlJoRAjqSAJwJ8EgZ48t8bm4ohXofvwhL/jjPUgCePjrp
J5CR1Um2VxluLPIld/CYe8Q=
=olus
-----END PGP SIGNATURE-----