ssh private keys on our systems
Ramon Almeida
ramon at projetofedora.org
Thu Sep 29 20:28:20 UTC 2011
+1
Ramon Almeida.
On Thu, 29 Sep 2011 14:19:25 -0600, Stephen John Smoogen
<smooge at gmail.com> wrote:
> On Thu, Sep 29, 2011 at 13:16, seth vidal <skvidal at fedoraproject.org>
> wrote:
>> Hi,
>>
>> I'd like to put a new policy in place which goes something like
>> this:
>>
>> If you upload your private keys (encrypted or not) we will remove
>> them,
>> then we will remove your public keys from FAS and force you to login
>> and
>> give a new one in FAS.
>>
>> We do the last step on the basis that your private key, being on a
>> networked, multi-user machine is now exposed to the world and
>> potentially compromised. So we can no longer trust it.
>>
>> thoughts?
>
> +1 since publishing their private keys on a web page is probably not
> allowed.
>
>> Thanks,
>> -sv
>>
>>
>>
>> _______________________________________________
>> infrastructure mailing list
>> infrastructure at lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/infrastructure
>>
More information about the infrastructure
mailing list