Re: [Radmind-users] ssh host keys in excludes

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

A drawback is that you can't manage anything else about the files, such as
their ownership and permissions. Depending on your needs for security, that
may or may not be an issue (and I honestly don't know if "repair
permissions" on Mac OS X would mitigate it at all, since those files
shouldn't be listed in any of default installer packages for the OS).

But a benefit is that -- unlike the negative/scripting approach -- you don't
have to introduce the complexity of another script. The script will have
maintenance overhead for itself, its support system (i.e. running at
startup), and for the command files it is in.

I've been thinking about moving to excludes for SSH host keys, myself, but
haven't made that change. It seems a reasonable one to make.

-- 
Jeremy Reichman