On Wed, 12 Oct 2011 13:53:34 -0400
Digimer <linux(a)alteeve.com> wrote:
On 10/12/2011 12:44 PM, Kevin Fenzi wrote:
> Subject: IMPORTANT: Mandatory password and ssh key change by
> 2011-11-30
>
> Summary:
>
> All existing users of the Fedora Account System (FAS) at
>
https://admin.fedoraproject.org/accounts are required to change
> their password and upload a NEW ssh public key before 2011-11-30.
> Failure to do so may result in your account being marked inactive.
> Passwords changed and NEW ssh public keys uploaded after 2011-10-10
> will meet this requirement.
I'd like to add my voice to the concern about requiring new public
keys. I can appreciate the desire for security, but forcing new SSH
keys accomplishes nothing of practical use. Quite the contrary; It
induces a fair hardship of those of us with keys configured on many
other systems.
I'm sorry it's causing you hassle. It does accomplish some practical
gain, IMHO.
You can use a separate key for Fedora machines if that makes things
easier for you. Or you could document and determine now when you aren't
in a hurry (the deadline is 1.5 months away) what hosts you need to
change and that your private key wasn't accidentally backed up to them.
The idea of maintaining a second set of keys for Fedora (and again
for any other projects that follow suit) is, I'd argue, unreasonably
burdensome.
I'm sorry you think so. You don't have to take that tack if you don't
like.
kevin