Is it bad practice to store obsolete authorized_keys as user/group nobody?

Is it bad practice to store obsolete authorized_keys as user/group nobody?

I'm using Chef to manage users on a cluster of servers. When a user is removed I'm keeping their authorized_keys file and changing the file's user/group to "nobody" after deleting the relevant user from the server. Is it bad practice to do this?

Edit: I'm running CentOS 5 on my cluster.

答案1

The authorized_keys file contains public keys, which wouldn't do any harm if they fell into some attacker's hands, they're meant to be public.

相关内容