Just a quick heads up (I am not really here today/this week): Last week the tpm module in autosign01 failed. robosignatory normally binds to a tpm so if any keys/files were copied off to somewhere else, they would be useless, because they require that exact machines tpm to be there. Thanks to Patrick from the iot team, things are back and working, but in a degraded state. Basically currently robosign is requiring passphrases be manually input by an admin on any restart (and then keeping that information in the kernel keyring). I'm out this week, Patrick is also out for a while, so I would urge us to not make autosign mods right now. As soon as we are back, we can evaluate if getting the tpm replaced is the way to go or other measues. Thanks, kevin
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
