On Wed, Dec 30, 2020 at 12:00:47AM +0100, Dominik 'Rathann' Mierzejewski wrote:
On Monday, 28 December 2020 at 03:38, Kevin Fenzi wrote:
> On Sun, Dec 27, 2020 at 06:43:23PM -0700, Ken Dreyer wrote:
> > On Thu, Dec 24, 2020 at 12:33 AM Dridi Boukelmoune
> > <dridi.boukelmoune(a)gmail.com> wrote:
> > >
> > > > The weakest point in the current system is really the FAS password.
If
> > > > you have a packager's FAS password you can change the ssh key
> > > > associated with the account to another that you control, and the FAS
> > > > password is also all you need to run a build and submit it to Bodhi.
> > >
> > > Or you add an SSH key without removing the maintainer's keys on the
> > > off chance that it would go unnoticed...
> >
> > From what I can tell, the current implementation of FAS does not allow
> > more than one SSH key per user account.
>
> You can add more than one. Just put them in a file and upload all of
> them for 'ssh key' one key per line. There's a limit based on
> applications getting the ssh keys, but you can upload multiple keys
> fine.
Is that documented somewhere? I was also under the impression that only
one key was permitted.
If you click on the little [i] info thing next to ssh key when editing
your account you can see:
"Many resources require public key authentication to work.
By uploading your public key to us, you can then log in to our servers.
Type "man ssh-keygen" for more information on creating your key
(it must be an RSA key). Once created you will want to upload ~/.ssh/id_rsa.pub.
If you wish to login through several hosts, each with their own public key,
you can create a concatenated file of public ssh keys and upload it in lieu
of the individual ssh public key.
"Warning: In case of having ECDSA key please upload the two types of keys
because some of our servers may not accept ECDSA keys."
"
(The last thing there is wrong now... we have no rhel6 vm's left).
kevin