ssh private keys on our systems
Rafael Gomes
rafaelgomes at techfree.com.br
Thu Sep 29 21:29:03 UTC 2011
On Thu, Sep 29, 2011 at 4:16 PM, seth vidal <skvidal at fedoraproject.org> wrote:
> Hi,
>
> I'd like to put a new policy in place which goes something like this:
>
> If you upload your private keys (encrypted or not) we will remove them,
> then we will remove your public keys from FAS and force you to login and
> give a new one in FAS.
>
> We do the last step on the basis that your private key, being on a
> networked, multi-user machine is now exposed to the world and
> potentially compromised. So we can no longer trust it.
>
> thoughts?
>
> Thanks,
> -sv
+1
--
Rafael Gomes
Consultor em TI
LPIC-1 MCSO
(71) 8318-0284
Atenção: Este e-mail pode conter anexos no formato ODF (Open Document
Format)/ABNT (extensões odt, ods, odp, odb, odg). Antes de pedir os
anexos em outro formato, você pode instalar gratuita e livremente o
BrOffice (http://www.broffice.org).
More information about the infrastructure
mailing list