I'm using Chef to manage users on a cluster of servers. When a user is removed I'm keeping their authorized_keys file and changing the file's user/group to "nobody" after deleting the relevant user from the server. Is it bad practice to do this?
Edit: I'm running CentOS 5 on my cluster.
答案1
The authorized_keys
file contains public keys, which wouldn't do any harm if they fell into some attacker's hands, they're meant to be public.