Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
Kevin Fenzi
kevin at scrye.com
Wed Oct 12 19:44:55 UTC 2011
On Wed, 12 Oct 2011 13:53:34 -0400
Digimer <linux at alteeve.com> wrote:
> On 10/12/2011 12:44 PM, Kevin Fenzi wrote:
> > Subject: IMPORTANT: Mandatory password and ssh key change by
> > 2011-11-30
> >
> > Summary:
> >
> > All existing users of the Fedora Account System (FAS) at
> > https://admin.fedoraproject.org/accounts are required to change
> > their password and upload a NEW ssh public key before 2011-11-30.
> > Failure to do so may result in your account being marked inactive.
> > Passwords changed and NEW ssh public keys uploaded after 2011-10-10
> > will meet this requirement.
>
> I'd like to add my voice to the concern about requiring new public
> keys. I can appreciate the desire for security, but forcing new SSH
> keys accomplishes nothing of practical use. Quite the contrary; It
> induces a fair hardship of those of us with keys configured on many
> other systems.
I'm sorry it's causing you hassle. It does accomplish some practical
gain, IMHO.
You can use a separate key for Fedora machines if that makes things
easier for you. Or you could document and determine now when you aren't
in a hurry (the deadline is 1.5 months away) what hosts you need to
change and that your private key wasn't accidentally backed up to them.
> The idea of maintaining a second set of keys for Fedora (and again
> for any other projects that follow suit) is, I'd argue, unreasonably
> burdensome.
I'm sorry you think so. You don't have to take that tack if you don't
like.
kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20111012/26b3b063/attachment.bin
More information about the devel
mailing list