Change in allowed-files policy on all fedora-maintained hosts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



In an ongoing effort to improve our security we have decided to disallow
any ssh private keys from being housed on any fedora-maintained system.
No user should have ever needed to upload an ssh private key, the public
keys are, of course just fine and required. However, on the off-chance
that someone has done this, we'll be performing audits of user homedirs
looking for ssh private keys.

If we find them we'll remove them and then remove the owning-user's ssh
public key from the Fedora Account System (FAS), forcing them to upload
a new one. We're taking this additional step to make sure that the
public key in FAS is not vulnerable due to their private key being
potentially exposed on a shared system.

You can refer to the allowable content section of the fedorapeople faq.
https://fedoraproject.org/wiki/Infrastructure/fedorapeople.org#Allowable_content

These rules (and more), apply to our administrative systems and home
directories.

Thank You,
Fedora Infrastructure Team




-- 
announce mailing list
announce@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/announce


[Index of Archives]     [Fedora Package Announce]     [Fedora Users]     [Fedora Package Review]     [Fedora Desktop]     [PAM]     [Big List of Linux Books]     [Gimp]     [Yosemite News]     [Yosemite Camping]     [Fedora Users]

  Powered by Linux