16 Jul
2014
16 Jul
'14
5:29 p.m.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 16.07.2014 06:25, Jimmy Kaplowitz wrote:
The GCE variant is also mostly more of a safety benefit than a security benefit, but it does have one security benefit: if a user is subsequently removed from the metadata server, or if the key is set to expire (experimentally supported by our agent and used by this nifty feature: https://developers.google.com/compute/docs/ssh-in-browser) and they're removed from the GCE project, it's easier to clean up after people who used to have access but shouldn't any more.
Of course, I was speaking in a more general sense. - From a cloud and multiuser perspective you are totally right.
kind regards
Sven
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
iQGcBAEBAgAGBQJTxrZdAAoJEAq0kGAWDrqlGLEMAJBGSyyPsjyta6NpdlRij2bO
1n77aiT4RLpWZwEQXVqNi0XFCN0DxJQ7uTwCL3R1rjjRzoV1qDH9XWr/3qzROrwX
449bqCEfaur4otR6uiwaNjibyBZrWxUea13+j+dfdRGlaDt9lQ8U+CPi4dd1kT0e
BkzjJj7lVyp+tMxiMtuvs6cPWMY0bdIbhGZEml9tNSj5OTexZmgwfATnKcT18PVi
cUk9n7LsF2BTr4YytXWuoAwSiNlsD6VSrQxQtdD+FbjhKdHmblHzI4x1NR3m7rPq
ih9GTsHsH+uQsoSLu6O4z6mrcCWQBT7cY4pW1tTqq7r5ZgaHc1clhSstPo+bgsIo
p4CWO5LuzX+HCcwaTPUiuGjw/3UPgsJxhIOGUp50fRJUR8vC1K8PwZaIgXs0KAq4
2Yfqggv8Fy8rfuu2W1oVlI3jnjhqDK/npCIP791Gu7/gTcYuZOMRv8ZFJ62n7723
ZoRTzJVc305WuasChVpNy57odh01CkLNlYyDlHOX/A==
=8Y3K
-----END PGP SIGNATURE-----