Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
Jon Ciesla
limb at jcomserv.net
Wed Oct 12 18:06:33 UTC 2011
> On Wed, 2011-10-12 at 10:51 -0700, Adam Williamson wrote:
>> On Wed, 2011-10-12 at 18:41 +0100, Richard Hughes wrote:
>> > On 12 October 2011 17:44, Kevin Fenzi <kevin at scrye.com> wrote:
>> > > All existing users of the Fedora Account System (FAS) at
>> > > https://admin.fedoraproject.org/accounts are required to change
>> their
>> > > password and upload a NEW ssh public key before 2011-11-30.
>> >
>> > I have to upload a *new* public key? Why should I have two sets of
>> keys?
>>
>> Meant 'replacement'. You can only have one key in FAS, afaict.
>
>
> You can have more than one. Just paste them in place all together.
>
>
> And we're verifying key changes by checking the fingerprint of the
> pubkeys vs your prior ones.
It's really not a huge hassle. I've already done it. I configured the
.ssh/config files where I needed to, and it doesn't conflict with any
other keys I have. I don't get what the big deal is. The disruption is,
like, five minutes of work. The potential benefit is unknown, but
certainly not zero.
Why wait for a breach to do this? This is a perfect time. Doing it
after the 2008 breach was wise. This is better.
-J
> -sv
>
>
> --
> devel mailing list
> devel at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/devel
>
--
in your fear, seek only peace
in your fear, seek only love
-d. bowie
More information about the devel
mailing list