Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30

Kevin Fenzi kevin at
Wed Oct 12 19:44:55 UTC 2011

On Wed, 12 Oct 2011 13:53:34 -0400
Digimer <linux at> wrote:

> On 10/12/2011 12:44 PM, Kevin Fenzi wrote:
> > Subject: IMPORTANT: Mandatory password and ssh key change by
> > 2011-11-30
> >
> > Summary:
> >
> > All existing users of the Fedora Account System (FAS) at
> > are required to change
> > their password and upload a NEW ssh public key before 2011-11-30.
> > Failure to do so may result in your account being marked inactive.
> > Passwords changed and NEW ssh public keys uploaded after 2011-10-10
> > will meet this requirement.
> I'd like to add my voice to the concern about requiring new public
> keys. I can appreciate the desire for security, but forcing new SSH
> keys accomplishes nothing of practical use. Quite the contrary; It
> induces a fair hardship of those of us with keys configured on many
> other systems.

I'm sorry it's causing you hassle. It does accomplish some practical
gain, IMHO. 

You can use a separate key for Fedora machines if that makes things
easier for you. Or you could document and determine now when you aren't
in a hurry (the deadline is 1.5 months away) what hosts you need to
change and that your private key wasn't accidentally backed up to them. 

> The idea of maintaining a second set of keys for Fedora (and again
> for any other projects that follow suit) is, I'd argue, unreasonably
> burdensome.

I'm sorry you think so. You don't have to take that tack if you don't


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : 

More information about the devel mailing list