Security in an error-prone world
Security in an error-prone world
Posted Nov 11, 2015 21:31 UTC (Wed) by nix (subscriber, #2304)In reply to: Security in an error-prone world by mathstuf
Parent article: Security in an error-prone world
Why would you want to use an SSH or GPG key as another user? Genuinely curiousI consider a smartcarded SSH key to be 'something I have' combined with 'something I know': proof that I have physical access to the smartcard (though not quite as much proof as a touch-to-generate one-time password) and proof that I know the PIN. As such, it's quite safe to use it for multiple users, if what you're using those users for is separation of concerns and to stop programs running as one from accidentally smashing programs running as the other. Identities are not the same as Unix uids!