package maintenance from multiple PCs ?
Ignacio Vazquez-Abrams
ivazqueznet at gmail.com
Sun Sep 21 14:39:14 UTC 2008
On Sun, 2008-09-21 at 17:12 +1000, David Timms wrote:
> Hi, I've recently been trying to do package development from my notebook
> PC, rather than my desktop PC {which has all the ssh certs,
> own/fedora/fedara certs, and the client side certificate}.
>
> To use a second development machine is it necessary and sufficient to:
> cp from my account on original desktop:
> - .ssh/id_rsa.pub
Not required unless you want to set up other machines for entry with the
same key.
> If I have all the same key/certs on the notebook, what are the security
> implications if the machine is stolen {and obtained by someone with
> malicious ideas} etc ?
1) Your passphrase can be brute-forced, thereby possibly gaining some
knowledge about your passphrases in general.
2) Someone can act as you in koji, both in the browser and in the
command line ("Beware criminals requeueing packages").
--
Ignacio Vazquez-Abrams <ivazqueznet at gmail.com>
PLEASE don't CC me; I'm already subscribed
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20080921/0d16746d/attachment.bin
More information about the devel
mailing list