Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30

Jon Ciesla limb at jcomserv.net
Wed Oct 12 20:15:54 UTC 2011 

> ons 2011-10-12 klockan 13:49 -0600 skrev Kevin Fenzi:
>
>> If you can't change your token, then I would posit you have a problem.
>> What if you KNEW your private key was compromised? Surely there is a
>> way to generate a new one...
>
> I can change it, but it means changing it for all sytems I access using
> that SSH token, not only Fedora. And as hard token keys is not easily
> compromised without the token as such being stolen it's not something
> you normally do.

Well, no, actually it just means you just need to use a different key for
Fedora.  There's no reason you can't keep using that key everywhere else
you're using it.

-J

> A compromise of the hard token key without the token as such being
> stolen together with the access code would require a bruteforce of the
> RSA key in question.
>
>> Please feel free to jump in and help code such changes. :)
>> We are a open source infrastructure and I'm sure patches and ideas even
>> would be welcome.
>
> Point taken. And something I been considering many times but not gotten
> the whole way to doing. Getting there is quite far away for someone not
> already woring on the infrastructure.
>
> The tools needed already esists. The question is how to get the
> infrastructure to use them.
>
>> > But even then, the security of Fedora accounts is no stronger than the
>> > security of the email associated with an account. Quite pointless to
>> > try to bolster the security very high when all that is needed to take
>> > over a standard Fedora account is to have access to the email
>> > (account or traffic) of the Fedora account. Sure, a full account
>> > takeover is more likely to get noticed than a stolen password, but it
>> > still sets the level of expected security.
>>
>> Yeah, ideally we would do more here with gpg.
>
> Yes. Once there is a GPG or SSH key installed in the FAS account then
> those should take preference over the email as "account owner key", and
> resetting the account should not be possible with a plain text email
> alone. If the GPG and SSH keys is both lost then administrator action
> should be needed to reset the account and verifying credibility of the
> account owner.
>
> Regards
> Henrik
>
> --
> devel mailing list
> devel at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/devel
>


-- 
in your fear, seek only peace
in your fear, seek only love

-d. bowie

More information about the devel mailing list