On Wed, 2011-10-12 at 10:51 -0700, Adam Williamson wrote:
> On Wed, 2011-10-12 at 18:41 +0100, Richard Hughes wrote:
> > On 12 October 2011 17:44, Kevin Fenzi <kevin(a)scrye.com> wrote:
> > > All existing users of the Fedora Account System (FAS) at
> > >
https://admin.fedoraproject.org/accounts are required to change
> their
> > > password and upload a NEW ssh public key before 2011-11-30.
> >
> > I have to upload a *new* public key? Why should I have two sets of
> keys?
>
> Meant 'replacement'. You can only have one key in FAS, afaict.
You can have more than one. Just paste them in place all together.
And we're verifying key changes by checking the fingerprint of the
pubkeys vs your prior ones.
It's really not a huge hassle. I've already done it. I configured the
.ssh/config files where I needed to, and it doesn't conflict with any
other keys I have. I don't get what the big deal is. The disruption is,
like, five minutes of work. The potential benefit is unknown, but
certainly not zero.
Why wait for a breach to do this? This is a perfect time. Doing it
after the 2008 breach was wise. This is better.
-J
-sv
--
devel mailing list
devel(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
--
in your fear, seek only peace
in your fear, seek only love
-d. bowie