Given recent events in the linux-y world I think it might do us a service to impose an ssh-key, user cert and password enforced change flag day. The idea would be everyone would be required to change their passwords, ssh keys and any user certs they have before being allowed to do anything else on our systems. Anyone failing to change them would be locked out after a specific date. In particular I would like to make sure that ssh keys get changed - so much so that I would want to keep a copy of the existing ssh keys and verify that the new one does not match the old one before allowing it to be used. I'd like to discuss the efficacy and timing of this. If anyone has perspective that is helpful, please share it. I think this should be done soon, personally. -sv _______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure
